Vulnerability in Gnu A2ps
CVE-2004-1377
The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
EPSS: 0.004 (27.9th percentile) — read the EPSS interpretation.
Affected products
- Gnu A2ps — versions 4.13, 4.13b
- Turbolinux Turbolinux_home
- Turbolinux Turbolinux_server — versions 7.0, 8.0
- Turbolinux Turbolinux_workstation — versions 7.0, 8.0
- N/a — versions n/a
References
- cve@mitre.org (vendor-advisory, Patch, x_refsource_GENTOO)
- cve@mitre.org (Patch, vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (Patch, vdb-entry, x_refsource_BID)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)