CVE-2004-0996

Current Description

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.

Basic Data

PublishedJanuary 10, 2005
Last ModifiedJuly 11, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:L/AC:L/Au:N/C:N/I:P/A:N
CVSS 2 - Access VectorLOCAL
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactNONE
CVSS 2 - Base Score2.1
SeverityLOW
Exploitability Score3.9
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationCscopeCscope13.0*******
    2.3ApplicationCscopeCscope15.1*******
    2.3ApplicationCscopeCscope15.3*******
    2.3ApplicationCscopeCscope15.4*******
    2.3ApplicationCscopeCscope15.5*******
  • OR - Configuration 2
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSDebianDebian Linux3.0*******
    2.3OSDebianDebian Linux3.0*alpha*****
    2.3OSDebianDebian Linux3.0*arm*****
    2.3OSDebianDebian Linux3.0*hppa*****
    2.3OSDebianDebian Linux3.0*ia-32*****
    2.3OSDebianDebian Linux3.0*ia-64*****
    2.3OSDebianDebian Linux3.0*m68k*****
    2.3OSDebianDebian Linux3.0*mips*****
    2.3OSDebianDebian Linux3.0*mipsel*****
    2.3OSDebianDebian Linux3.0*ppc*****
    2.3OSDebianDebian Linux3.0*s-390*****
    2.3OSDebianDebian Linux3.0*sparc*****
    2.3OSGentooLinux********
    2.3OSScoUnixware7.1.1*******
    2.3OSScoUnixware7.1.3*******
    2.3OSScoUnixware7.1.4*******

Vulnerable Software List

VendorProductVersions
Debian Debian Linux 3.0
Sco Unixware 7.1.1, 7.1.3, 7.1.4
Cscope Cscope 13.0, 15.1, 15.3, 15.4, 15.5
Gentoo Linux *

References

NameSourceURLTags
http://docs.info.apple.com/article.html?artnum=306172http://docs.info.apple.com/article.html?artnum=306172CONFIRM
APPLE-SA-2007-07-31http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.htmlAPPLE
20041124 STG Security Advisory: [SSA-20041122-09] cscope insecure temp file creation vulnerabilityhttp://marc.info/?l=bugtraq&m=110133485519690&w=2BUGTRAQ
26235http://secunia.com/advisories/26235SECUNIA
DSA-610http://www.debian.org/security/2004/dsa-610DEBIANPatch Vendor Advisory
GLSA-200412-11http://www.gentoo.org/security/en/glsa/glsa-200412-11.xmlGENTOO
20041117 RX171104 Cscope v15.5 and minors - symlink vulnerability - advisory, exploit and patch.http://www.securityfocus.com/archive/1/381443BUGTRAQ
20041118 Re: RX171104 Cscope v15.5 and minors - symlink vulnerability - advisory, exploit and patch.http://www.securityfocus.com/archive/1/381506BUGTRAQ
20041118 Re: RX171104 Cscope v15.5 and minors - symlink vulnerability - advisory, exploit and patch.http://www.securityfocus.com/archive/1/381611BUGTRAQ
11697http://www.securityfocus.com/bid/11697BIDExploit Patch Vendor Advisory
25159http://www.securityfocus.com/bid/25159BID
ADV-2007-2732http://www.vupen.com/english/advisories/2007/2732VUPEN
cscope-tmp-race-condition(18125)https://exchange.xforce.ibmcloud.com/vulnerabilities/18125XF