{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-04-12T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1) overwrite arbitrary files and possibly replace packages to execute arbitrary code via pkg_fetch, (2) overwrite arbitrary files via temporary files when portupgrade upgrades a port or package, or (3) create arbitrary zero-byte files via the pkgdb.fixme temporary file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-06-15T16:38:59", "orgId": "63664ac6-956c-4cba-a5d0-f46076e16109", "shortName": "freebsd"}, "references": [{"name": "14903", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/14903"}, {"name": "13106", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/13106"}, {"tags": ["x_refsource_MISC"], "url": "http://www.vuxml.org/freebsd/22f00553-a09d-11d9-a788-0001020eed82.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secteam@freebsd.org", "ID": "CVE-2005-0610", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1) overwrite arbitrary files and possibly replace packages to execute arbitrary code via pkg_fetch, (2) overwrite arbitrary files via temporary files when portupgrade upgrades a port or package, or (3) create arbitrary zero-byte files via the pkgdb.fixme temporary file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "14903", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/14903"}, {"name": "13106", "refsource": "BID", "url": "http://www.securityfocus.com/bid/13106"}, {"name": "http://www.vuxml.org/freebsd/22f00553-a09d-11d9-a788-0001020eed82.html", "refsource": "MISC", "url": "http://www.vuxml.org/freebsd/22f00553-a09d-11d9-a788-0001020eed82.html"}]}}}}, "cveMetadata": {"assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109", "assignerShortName": "freebsd", "cveId": "CVE-2005-0610", "datePublished": "2005-04-13T04:00:00", "dateReserved": "2005-03-01T00:00:00", "dateUpdated": "2021-06-15T16:38:59", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "E3F7EB61-55A5-4776-B0E7-3508920A6CEA", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:*", "matchCriteriaId": "A442DE97-4485-4D95-B95D-58947585E455", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AE31DFF8-06AB-489D-A0C5-509C090283B5", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:release:*:*:*:*:*:*", "matchCriteriaId": "1E8A6564-129A-4555-A5ED-6F65C56AE7B4", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*", "matchCriteriaId": "237174A4-E030-4A0B-AD0B-5C463603EAA4", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:stable:*:*:*:*:*:*", "matchCriteriaId": "5D7F8F11-1869-40E2-8478-28B4E946D3CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:release:*:*:*:*:*:*", "matchCriteriaId": "9062BAB5-D437-49BE-A384-39F62434B70B", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:release_p38:*:*:*:*:*:*", "matchCriteriaId": "3BA1504C-14FE-4C21-A801-944041F2946F", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:releng:*:*:*:*:*:*", "matchCriteriaId": "21B69535-4FB6-4FAD-AAA6-C790FF82EFAF", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:stable:*:*:*:*:*:*", "matchCriteriaId": "6E53C673-9D6D-42C8-A502-033E1FC28D97", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:release_p42:*:*:*:*:*:*", "matchCriteriaId": "6F4AC452-6042-409D-8673-ACAD108EE3B5", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:releng:*:*:*:*:*:*", "matchCriteriaId": "2FE1009B-371A-48E2-A456-935A1F0B7D0D", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:stable:*:*:*:*:*:*", "matchCriteriaId": "C844A170-B5A7-4703-AF3B-67366D44EA8B", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "44308D13-D935-4FF8-AB52-F0E115ED1AD2", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:release:*:*:*:*:*:*", "matchCriteriaId": "3D41CB12-7894-4D25-80EC-23C56171D973", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:release_p32:*:*:*:*:*:*", "matchCriteriaId": "9BCD9C12-EDAB-473F-9CC5-04F06B413720", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:releng:*:*:*:*:*:*", "matchCriteriaId": "58EBC5C8-5CA8-4881-A036-179FDEBA3CA4", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:stable:*:*:*:*:*:*", "matchCriteriaId": "09789843-6A1A-4CDB-97E8-89E82B79DDB5", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:release:*:*:*:*:*:*", "matchCriteriaId": "118211EF-CED7-4EB5-9669-F54C8169D4AE", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:release_p20:*:*:*:*:*:*", "matchCriteriaId": "58288F0F-B4CE-445C-AD93-DA73E3AD6FC3", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:releng:*:*:*:*:*:*", "matchCriteriaId": "CC96FBA9-6A65-4CC7-BE68-ADAF450ABE21", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:stable:*:*:*:*:*:*", "matchCriteriaId": "9A405AE2-ECC4-4BB0-80DD-4736394FB217", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "4AB4AD26-6AF2-4F3A-B602-F231FAABA73E", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B86C77AB-B8FF-4376-9B4E-C88417396F3D", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:release:*:*:*:*:*:*", "matchCriteriaId": "E5612FB0-8403-4A7E-B89A-D7BDFAC00078", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:release_p17:*:*:*:*:*:*", "matchCriteriaId": "FA699BB4-94AA-40E6-A6B6-33E3D416CDA7", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:releng:*:*:*:*:*:*", "matchCriteriaId": "AFDA151E-E614-4A24-A34D-B6D5309110CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:stable:*:*:*:*:*:*", "matchCriteriaId": "A7818E11-1BEB-4DAA-BA7A-A278454BA4B3", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", "matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:pre-release:*:*:*:*:*:*", "matchCriteriaId": "09BFA20B-2F31-4246-8F74-63DF1DB884EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:release_p6:*:*:*:*:*:*", "matchCriteriaId": "5F3B4BA2-8A61-4F9A-8E46-7FA80E7F5514", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*", "matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*", "matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:pre-release:*:*:*:*:*:*", "matchCriteriaId": "4AE93D3D-34B4-47B7-A784-61F4479FF5A2", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:releng:*:*:*:*:*:*", "matchCriteriaId": "E6288144-0CD7-45B6-B5A7-09B1DF14FBE8", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*", "matchCriteriaId": "9FFD9D1C-A459-47AD-BC62-15631417A32F", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:release:*:*:*:*:*:*", "matchCriteriaId": "4ECDEC87-0132-46B6-BD9B-A94F9B669EAA", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:releng:*:*:*:*:*:*", "matchCriteriaId": "43E84296-9B5C-4623-A2C4-431D76FC2765", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:stable:*:*:*:*:*:*", "matchCriteriaId": "F177AE1C-58C2-4575-807C-ABFFC5119FA8", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "3B13D898-C1B6-44B9-8432-7DDB8A380E9E", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:release_p14:*:*:*:*:*:*", "matchCriteriaId": "51A612F6-E4EB-4E34-8F55-79E16C74758E", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:releng:*:*:*:*:*:*", "matchCriteriaId": "5C19B266-8FE7-49ED-8678-2D522257491D", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "15C4D826-A419-45F5-B91C-1445DB480916", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*", "matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release_p5:*:*:*:*:*:*", "matchCriteriaId": "FEC7B38F-C6FB-4213-AE18-2D039A4D8E7A", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*", "matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*", "matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:releng:*:*:*:*:*:*", "matchCriteriaId": "8E4BC012-ADE4-468F-9A25-261CD8055694", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "D8A80E6A-6502-4A33-83BA-7DCC606D79AA", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:release:*:*:*:*:*:*", "matchCriteriaId": "0D6428EB-5E1A-41CB-979C-4C9402251D8B", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:releng:*:*:*:*:*:*", "matchCriteriaId": "2DCA9879-C9F5-475A-8EC9-04D151001C8D", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:stable:*:*:*:*:*:*", "matchCriteriaId": "0A94132F-4C47-49CC-B03C-8756613E9A38", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:pre-release:*:*:*:*:*:*", "matchCriteriaId": "46A60ED5-1D92-4B40-956F-D1801CAB9039", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:release:*:*:*:*:*:*", "matchCriteriaId": "3F629879-66F0-427B-86D8-D740E0E3F6E8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1) overwrite arbitrary files and possibly replace packages to execute arbitrary code via pkg_fetch, (2) overwrite arbitrary files via temporary files when portupgrade upgrades a port or package, or (3) create arbitrary zero-byte files via the pkgdb.fixme temporary file."}], "id": "CVE-2005-0610", "lastModified": "2008-09-05T20:46:47.913", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-04-12T04:00:00.000", "references": [{"source": "secteam@freebsd.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/14903"}, {"source": "secteam@freebsd.org", "tags": ["Vendor Advisory"], "url": "http://www.securityfocus.com/bid/13106"}, {"source": "secteam@freebsd.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vuxml.org/freebsd/22f00553-a09d-11d9-a788-0001020eed82.html"}], "sourceIdentifier": "secteam@freebsd.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}