CVE-2004-1000
lintian - insecure temporary directory
EPSS 0.07%
Description
lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack.
How to fix CVE-2004-1000
To remediate CVE-2004-1000, upgrade the affected package to a fixed version below.
- Debian/lintian—upgrade to 1.23.6 or later
- Debian/lintian—upgrade to 1.20.17.1 or later
Is CVE-2004-1000 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 1.23.6
- from 0, < 1.20.17.1