Executive Summary

Informations
Name CVE-2005-0610 First vendor Publication 2005-04-12
Vendor Cve Last vendor Modification 2008-09-05

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.2 Attack Range Local
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1) overwrite arbitrary files and possibly replace packages to execute arbitrary code via pkg_fetch, (2) overwrite arbitrary files via temporary files when portupgrade upgrades a port or package, or (3) create arbitrary zero-byte files via the pkgdb.fixme temporary file.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0610

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 63

OpenVAS Exploits

Date Description
2008-09-04 Name : FreeBSD Ports: portupgrade
File : nvt/freebsd_portupgrade.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
15477 portupgrade pkg_fetch Symlink Privilege Escalation

portupgrade contains a flaw that may allow a malicious local user to overwrite, create and manipulate arbitrary files on the system with the permissions of the user running portupgrade. The issue is due to the 'pkg_fetch' download packages creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.

Nessus® Vulnerability Scanner

Date Description
2005-07-13 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_22f00553a09d11d9a7880001020eed82.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/13106
MISC http://www.vuxml.org/freebsd/22f00553-a09d-11d9-a788-0001020eed82.html
SECUNIA http://secunia.com/advisories/14903

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
Date Informations
2024-02-02 01:02:56
  • Multiple Updates
2024-02-01 12:01:40
  • Multiple Updates
2023-09-05 12:02:47
  • Multiple Updates
2023-09-05 01:01:31
  • Multiple Updates
2023-09-02 12:02:48
  • Multiple Updates
2023-09-02 01:01:31
  • Multiple Updates
2023-08-12 12:03:22
  • Multiple Updates
2023-08-12 01:01:31
  • Multiple Updates
2023-08-11 12:02:55
  • Multiple Updates
2023-08-11 01:01:33
  • Multiple Updates
2023-08-06 12:02:42
  • Multiple Updates
2023-08-06 01:01:32
  • Multiple Updates
2023-08-04 12:02:46
  • Multiple Updates
2023-08-04 01:01:33
  • Multiple Updates
2023-07-14 12:02:45
  • Multiple Updates
2023-07-14 01:01:33
  • Multiple Updates
2023-03-29 01:02:50
  • Multiple Updates
2023-03-28 12:01:38
  • Multiple Updates
2022-10-11 12:02:27
  • Multiple Updates
2022-10-11 01:01:25
  • Multiple Updates
2021-05-04 12:02:49
  • Multiple Updates
2021-04-22 01:03:02
  • Multiple Updates
2020-05-23 00:16:23
  • Multiple Updates
2019-03-19 12:01:48
  • Multiple Updates
2016-04-26 13:19:24
  • Multiple Updates
2014-02-17 10:30:23
  • Multiple Updates
2013-05-11 11:22:09
  • Multiple Updates