CVE-2004-0967 - Ear piercing Spades

Description

The (1) pj-gs.sh (2) ps2epsi (3) pv.sh and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allow local users to overwrite files via a symlink attack on temporary files.

Reference

http://www.securityfocus.com/bid/11285 http://www.trustix.org/errata/2004/0050 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136321 http://secunia.com/advisories/17135 http://www.redhat.com/support/errata/RHSA-2005-081.html http://secunia.com/advisories/16997 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.23/SCOSA-2006.23.txt http://secunia.com/advisories/20056 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.19/SCOSA-2006.19.txt http://secunia.com/advisories/19799 https://www.ubuntu.com/usn/usn-3-1/ https://exchange.xforce.ibmcloud.com/vulnerabilities/17583 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10284