CVE-2009-4135

2009-12-1116:30:00

Debian Security Bug Tracker

security-tracker.debian.org

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

EPSS

Percentile

10.1%

JSON

The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp.

OSVersionArchitecturePackageVersionFilename
Debian12allcoreutils< 9.1-1coreutils_9.1-1_all.deb
Debian11allcoreutils< 8.32-4coreutils_8.32-4_all.deb
Debian999allcoreutils< 9.4-3.1coreutils_9.4-3.1_all.deb
Debian13allcoreutils< 9.4-3.1coreutils_9.4-3.1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	coreutils	< 9.1-1	coreutils_9.1-1_all.deb
Debian	11	all	coreutils	< 8.32-4	coreutils_8.32-4_all.deb
Debian	999	all	coreutils	< 9.4-3.1	coreutils_9.4-3.1_all.deb
Debian	13	all	coreutils	< 9.4-3.1	coreutils_9.4-3.1_all.deb