CVE-2004-0969

Published: Feb 9, 2005Modified: Apr 16, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

Affected (4)

Products: Gnu: Groff · Gentoo: Linux · Ubuntu: Ubuntu Linux

1 product

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Gnu Groff	Version 1.19

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Gentoo Linux	All versions
Ubuntu Ubuntu Linux	Version 4.1
Ubuntu Ubuntu Linux	Version 4.1

References (14)

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136313

Source: cve@mitre.org

http://secunia.com/advisories/18764

Source: cve@mitre.org

http://www.gentoo.org/security/en/glsa/glsa-200411-15.xml

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/11287

Source: cve@mitre.org

PatchVendor Advisory

http://www.trustix.org/errata/2004/0050

Source: cve@mitre.org

http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:038

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/17583

Source: cve@mitre.org

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136313