CVE-2004-0966 - Besotted Grey Seal
Description
The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
Reference
http://www.securityfocus.com/bid/11282 http://www.gentoo.org/security/en/glsa/glsa-200410-10.xml http://www.trustix.org/errata/2004/0050 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136323 http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00000.html http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:051 http://marc.info/?l=bugtraq&m=110382652226638&w=2 https://www.ubuntu.com/usn/usn-5-1/ https://exchange.xforce.ibmcloud.com/vulnerabilities/17583