Published: 06/07/2005 Updated: 26/01/2024

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

linki.py in ekg 2005-06-05 and previous versions allows local users to overwrite or create arbitrary files via a symlink attack on temporary files.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ekg project ekg
debian debian linux 3.1

Marcin Owsiany and Wojtek Kaniewski discovered that some contributed scripts (contrib/ekgh, contrib/ekgnvsh, and contrib/getekgsh) in the ekg package created temporary files in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the user invoking the script (CAN-2005-1850) ...

Several vulnerabilities have been discovered in ekg, a console Gadu Gadu client, an instant messaging program The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CAN-2005-1850 Marcin Owsiany and Wojtek Kaniewski discovered insecure temporary file creation in contributed scripts CAN-2005-1851 Mar ...

CWE-59 http://www.zataz.net/adviso/ekg-06062005.txt http://www.debian.org/security/2005/dsa-760 http://marc.info/?l=bugtraq&m=112198499417250&w=2 http://marc.info/?l=bugtraq&m=112060146011122&w=2 https://usn.ubuntu.com/162-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-1916

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect