MEDIUM🇬🇧 English

CVE-2004-1901

CVSS 5.5v3.1pub. 2004-12-31upd. 2026-04-16

Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  • Gentoo Linux

    OS
    Gentoo
    1.4
  • Gentoo Portage

    APP
    Gentoo
    2.0.50< 2.0.50
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2024-12084CRITICAL9.8PL ✓ten sam produkt

Heap-based buffer overflow w rsync daemon — zapis poza granicami bufora sum2

CVE-2016-20021CRITICAL9.8PL ✓ten sam produkt

Brak weryfikacji podpisu PGP w Gentoo Portage emerge-webrsync

CVE-2024-12085HIGH7.5ten sam produkt

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an att...

CVE-2022-23220HIGH7.8ten sam produkt

USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute arbitrary code as roo...

CVE-2017-18284HIGH7.1ten sam produkt

The Gentoo app-backup/burp package before 2.1.32 sets the ownership of the PID file directory to the burp acco...