CVE-2004-0966 - Besotted Grey Seal

Description

The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.

Reference

http://www.securityfocus.com/bid/11282 http://www.gentoo.org/security/en/glsa/glsa-200410-10.xml http://www.trustix.org/errata/2004/0050 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136323 http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00000.html http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:051 http://marc.info/?l=bugtraq&m=110382652226638&w=2 https://www.ubuntu.com/usn/usn-5-1/ https://exchange.xforce.ibmcloud.com/vulnerabilities/17583