CVE-2004-0107

Published: Apr 15, 2004Modified: Apr 16, 2026

4.6

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 3.9 / Impact: 6.4

Source: NVD

Description

The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.

Affected (12)

Products: Redhat: Sysstat · Sgi: Propack · Sysstat: Sysstat

1 product

1 product

1 product

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Redhat Sysstat	Version 4.0.7-3
Sgi Propack	Version 2.3
Sgi Propack	Version 2.4
Sysstat Sysstat	Version 4.0.7
Sysstat Sysstat	Version 4.1.1
Sysstat Sysstat	Version 4.1.2
Sysstat Sysstat	Version 4.1.3
Sysstat Sysstat	Version 4.1.4
Sysstat Sysstat	Version 4.1.5
Sysstat Sysstat	Version 4.1.6
Sysstat Sysstat	Version 4.1.7
Sysstat Sysstat	Version 5.0.1

References (20)

ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc (unsafe URL)

Source: cve@mitre.org

Patch

http://www.ciac.org/ciac/bulletins/o-097.shtml

Source: cve@mitre.org

http://www.osvdb.org/6884

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2004-053.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2004-093.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/9838

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/15428

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10737

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A849

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A862

Source: cve@mitre.org

ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc (unsafe URL)

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.ciac.org/ciac/bulletins/o-097.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/6884

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2004-053.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2004-093.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/9838

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/15428

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10737

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A849

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A862

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.