Search for vulnerabilities
Vulnerability details: VCID-68ja-r46p-aaae
Vulnerability ID VCID-68ja-r46p-aaae
Aliases CVE-2004-2768
Summary dpkg 1.9.21 does not properly reset the metadata of a file during replacement of the file in a package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid file, (2) setgid file, or (3) device, a related issue to CVE-2010-2059.
Status Published
Exploitability 0.5
Weighted Severity 6.5
Risk 3.2
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-264 Permissions, Privileges, and Access Controls
System Score Found at
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
epss 0.00066 https://api.first.org/data/v1/epss?cve=CVE-2004-2768
cvssv2 7.2 https://nvd.nist.gov/vuln/detail/CVE-2004-2768
Reference id Reference type URL
http://lists.jammed.com/ISN/2003/12/0056.html
https://api.first.org/data/v1/epss?cve=CVE-2004-2768
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=225692
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2768
https://exchange.xforce.ibmcloud.com/vulnerabilities/59428
http://www.hackinglinuxexposed.com/articles/20031214.html
cpe:2.3:a:debian:dpkg:1.9.21:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:debian:dpkg:1.9.21:*:*:*:*:*:*:*
CVE-2004-2768 https://nvd.nist.gov/vuln/detail/CVE-2004-2768
No exploits are available.
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2004-2768
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.05128
EPSS Score 0.00042
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.