Vulnerability in Debian Lintian
CVE-2004-1000
lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack.
EPSS: 0.004 (26.9th percentile) — read the EPSS interpretation.
Affected products
- Debian Lintian — versions 1.2_0.17.1
- N/a — versions n/a
References
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (vendor-advisory, x_refsource_DEBIAN)