HIGH🇬🇧 English

CVE-2004-2778

CVSS 7.1v3.0pub. 2017-06-27upd. 2026-05-13

Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted commands via navigating to the affected directories, or executing the affected commands.

oryginał EN
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
  • Gentoo Portage

    APP
    Gentoo
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2016-20021CRITICAL9.8PL ✓ten sam produkt

Brak weryfikacji podpisu PGP w Gentoo Portage emerge-webrsync

CVE-2013-2100HIGH9.3ten sam produkt

The urlopen function in pym/portage/util/_urlopen.py in Gentoo Portage 2.1.12, when using HTTPS, does not veri...

CVE-2019-20384MEDIUM5.5ten sam produkt

Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64/nagios/plugi...

CVE-2008-4394MEDIUM6.9ten sam produkt

Multiple untrusted search path vulnerabilities in Portage before 2.1.4.5 include the current working directory...

CVE-2004-1901MEDIUM5.5ten sam produkt

Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfil...