CVE-2005-1270

Published: Apr 26, 2005Modified: Apr 16, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

The (1) check_update.sh and (2) rkhunter script in Rootkit Hunter before 1.2.3-r1 create temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack.

Affected (4)

Products: Gentoo: Rootkit Hunter

Gentoo

1 product

Rootkit Hunter

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Gentoo Rootkit Hunter	Version 1.2.1
Gentoo Rootkit Hunter	Version 1.2.2
Gentoo Rootkit Hunter	Version 1.2.3
Gentoo Rootkit Hunter	Version 1.2

References (10)

http://secunia.com/advisories/15127

Source: cve@mitre.org

http://www.gentoo.org/security/en/glsa/glsa-200504-25.xml

Source: cve@mitre.org

Patch

http://www.osvdb.org/15861

Source: cve@mitre.org

http://www.securityfocus.com/bid/13399

Source: cve@mitre.org

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/20279

Source: cve@mitre.org

http://secunia.com/advisories/15127