CVE-2005-2180

Severity

21%

Complexity

39%

Confidentiality

48%

gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local users to overwrite arbitrary files.

gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local users to overwrite arbitrary files.

CVSS 2.0 Base Score 2.1. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:N/I:P/A:N).

Overview

Type

GNU GNATS

First reported 19 years ago

2005-07-11 04:00:00

Last updated 8 years ago

2016-10-18 03:25:00

Affected Software

GNU GNATS 4.0

4.0

GNU GNATS 4.1.0

4.1.0

References

20050706 GNATS - gen-index

15963

http://www.pi3.int.pl/adv/gnats.txt

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.