CVE-2005-2960

cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137.

Date published : 2005-10-05

http://www.securityfocus.com/bid/14994

http://www.debian.org/security/2005/dsa-835