CVE-2004-0971
EPSS 0.11%
Description
The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
How to fix CVE-2004-0971
To remediate CVE-2004-0971, upgrade the affected package to a fixed version below.
- Debian/krb5—upgrade to 1.13.2+dfsg-2 or later
Is CVE-2004-0971 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.13.2+dfsg-2