Vulnerabilities > CVE-2004-0404 - Unspecified vulnerability in Psionic Logcheck
Attack vector
LOCAL Attack complexity
HIGH Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
logcheck before 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary directory in /var/tmp.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2004-155.NASL description A vulnerability was discovered in the logcheck program by Christian Jaeger. This could potentially lead to a local attacker overwriting files with root privileges. The updated packages have been patched to prevent the problem. last seen 2020-06-01 modified 2020-06-02 plugin id 16036 published 2004-12-23 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16036 title Mandrake Linux Security Advisory : logcheck (MDKSA-2004:155) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-488.NASL description Christian Jaeger reported a bug in logcheck which could potentially be exploited by a local user to overwrite files with root privileges. logcheck utilized a temporary directory under /var/tmp without taking security precautions. While this directory is created when logcheck is installed, and while it exists there is no vulnerability, if at any time this directory is removed, the potential for exploitation exists. last seen 2020-06-01 modified 2020-06-02 plugin id 15325 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15325 title Debian DSA-488-1 : logcheck - insecure temporary directory