Vulnerabilities > CVE-2004-2605 - Local Insecure Temporary File Creation vulnerability in Astats 1.6.5

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

local

low complexity

astats

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

aStats 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on (1) the aStats-Graphic-Signature-Generation file and (2) certain PNG image files.

Vulnerable Configurations

Part	Description	Count
Application	Astats Astats Astats 1.6.5	1

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=287604
http://secunia.com/advisories/13679
http://shellcode.org/pipermail/debian-audit/2004-December/000078.html
http://www.osvdb.org/12632
http://www.securityfocus.com/bid/12128
https://exchange.xforce.ibmcloud.com/vulnerabilities/18698