Vulnerabilities > CVE-2005-2180 - Local Security vulnerability in Gnats 4.0/4.1.0

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
local
low complexity
gnu

Summary

gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local users to overwrite arbitrary files.

Vulnerable Configurations

Part Description Count
Application
Gnu
2