CVE-2004-2768

描述

dpkg 1.9.21 does not properly reset the metadata of a file during replacement of the file in a package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid file, (2) setgid file, or (3) device, a related issue to CVE-2010-2059.

受影響套件(1)

• Debian/dpkgfrom 0, < 1.10.19

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2004-2768