CVE Vulnerabilities

CVE-2004-2768

Published: Jun 08, 2010 | Modified: Aug 17, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

dpkg 1.9.21 does not properly reset the metadata of a file during replacement of the file in a package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid file, (2) setgid file, or (3) device, a related issue to CVE-2010-2059.

Affected Software

Name Vendor Start Version End Version
Dpkg Debian 1.9.21 (including) 1.9.21 (including)

References