FKIE_CVE-2005-4889

Vulnerability from fkie_nvd - Published: 2010-06-08 18:30 - Updated: 2025-04-11 00:51
Severity ?
Summary
lib/fsm.c in RPM before 4.4.3 does not properly reset the metadata of an executable file during deletion of the file in an RPM package removal, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid or (2) setgid file, a related issue to CVE-2010-2059.
References
cve@mitre.orghttp://distrib-coffee.ipsl.jussieu.fr/pub/mirrors/rpm/files/rpm/rpm-4.4/rpm-4.4.3.tar.gzPatch
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2010:180
cve@mitre.orghttps://bugzilla.redhat.com/show_bug.cgi?id=125517
cve@mitre.orghttps://bugzilla.redhat.com/show_bug.cgi?id=598775
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/59426
af854a3a-2127-422b-91ae-364da2661108http://distrib-coffee.ipsl.jussieu.fr/pub/mirrors/rpm/files/rpm/rpm-4.4/rpm-4.4.3.tar.gzPatch
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:180
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=125517
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=598775
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/59426
Impacted products
Vendor Product Version
rpm rpm *
rpm rpm 1.2
rpm rpm 1.3
rpm rpm 1.3.1
rpm rpm 1.4
rpm rpm 1.4.2
rpm rpm 1.4.2\/a
rpm rpm 1.4.3
rpm rpm 1.4.4
rpm rpm 1.4.5
rpm rpm 1.4.6
rpm rpm 1.4.7
rpm rpm 2..4.10
rpm rpm 2.0
rpm rpm 2.0.1
rpm rpm 2.0.2
rpm rpm 2.0.3
rpm rpm 2.0.4
rpm rpm 2.0.5
rpm rpm 2.0.6
rpm rpm 2.0.7
rpm rpm 2.0.8
rpm rpm 2.0.9
rpm rpm 2.0.10
rpm rpm 2.0.11
rpm rpm 2.1
rpm rpm 2.1.1
rpm rpm 2.1.2
rpm rpm 2.2
rpm rpm 2.2.1
rpm rpm 2.2.2
rpm rpm 2.2.3
rpm rpm 2.2.3.10
rpm rpm 2.2.3.11
rpm rpm 2.2.4
rpm rpm 2.2.5
rpm rpm 2.2.6
rpm rpm 2.2.7
rpm rpm 2.2.8
rpm rpm 2.2.9
rpm rpm 2.2.10
rpm rpm 2.2.11
rpm rpm 2.3
rpm rpm 2.3.1
rpm rpm 2.3.2
rpm rpm 2.3.3
rpm rpm 2.3.4
rpm rpm 2.3.5
rpm rpm 2.3.6
rpm rpm 2.3.7
rpm rpm 2.3.8
rpm rpm 2.3.9
rpm rpm 2.4.1
rpm rpm 2.4.2
rpm rpm 2.4.3
rpm rpm 2.4.4
rpm rpm 2.4.5
rpm rpm 2.4.6
rpm rpm 2.4.8
rpm rpm 2.4.9
rpm rpm 2.4.11
rpm rpm 2.4.12
rpm rpm 2.5
rpm rpm 2.5.1
rpm rpm 2.5.2
rpm rpm 2.5.3
rpm rpm 2.5.4
rpm rpm 2.5.5
rpm rpm 2.5.6
rpm rpm 2.6.7
rpm rpm 3.0
rpm rpm 3.0.1
rpm rpm 3.0.2
rpm rpm 3.0.3
rpm rpm 3.0.4
rpm rpm 3.0.5
rpm rpm 3.0.6
rpm rpm 4.0.
rpm rpm 4.0.1
rpm rpm 4.0.2
rpm rpm 4.0.3
rpm rpm 4.0.4
rpm rpm 4.1
rpm rpm 4.3.3
rpm rpm 4.4.2.
rpm rpm 4.4.2.1
rpm rpm 4.4.2.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:rpm:rpm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "368283A7-FAC3-460B-8A18-DEA1E5996915",
              "versionEndIncluding": "4.4.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "76112E07-F476-41E5-9FF8-E85C28019BD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E064D1B0-093D-4C62-89A0-481D261F9AE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D05B2BC3-41EB-4839-B3DC-AF8B567D0318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "55B95097-EEA2-42A1-AA30-4AC519E67B1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "267ACF41-E8E2-4F9E-983A-E526DACFCE82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:1.4.2\\/a:*:*:*:*:*:*:*",
              "matchCriteriaId": "6429C42B-EBD6-4D93-AABB-AD268ADB72AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:1.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1372FF29-498C-41CB-AB2E-25CEC92866AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:1.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EFE8428-E00F-4E5F-8787-F63FEE93E617",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:1.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE4E9CC7-1BD8-490B-9C9B-E4A76EFAD13D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:1.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFAB0B1A-A9E5-4808-85EC-0BD2A3F753AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:1.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D1E892-05D5-4C79-AD12-7B7C0421E509",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2..4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E092A7C-7B5A-449C-B49D-96BB5A1E011E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CA6696D-D6CC-4C23-AB8F-91474BFC341E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B16D91A5-35F5-44F3-A515-8E4F27B563D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08974D05-C00C-438C-A76F-E17C191D0CE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "81771BF8-0788-44B5-8694-AFF436FDECD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "93BF53E9-CC37-4E31-9F34-2B569947887F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D79478-665E-4D18-AAA6-BA51C41A4C74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A59FF59-BD73-4C13-AC51-98126ED46573",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C83F0D-159B-4CFB-92C6-83D36225080A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B7A4BC0-43DF-4542-A54F-BF8B07F30B12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B926B035-659A-4F86-B680-CD1A6163F2D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A98BC57C-69AD-40F6-885B-3A560F69809F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "71499D02-8989-4AA0-80FB-28860F103EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B424D987-8421-4FE5-B9F7-0D4AB7AC921B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F58F12D-301C-4C4D-8F78-0B6A7B220B0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "19A30CF4-508D-407B-A097-30331AF9D452",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E49FB5B-5BFA-4736-8F2C-C07188D0BC00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "883AE5CC-379E-41A7-A8B5-12671015F131",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B8D8FEA-89A2-4133-89D7-FD403D605E4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBDA2319-4C36-44A5-A1F2-E0F1EFC1DE23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E11322F8-93B7-457C-8993-B0A8D3274468",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADD35E28-313C-4CF7-AEC0-1C91316FF5B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B591779-643B-4E2E-9270-40748EDA1BA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB3C91C9-CFDC-4C51-B6AF-51F1560161A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9D67C30-F0CA-410B-8C3A-EA5536BC256E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "80DB9D55-9BC2-416C-9A2A-021F4EC0E884",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B48E845-573C-4F07-8D69-F1A54CCEEDE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "9642BA0F-CBBD-4FB5-8A20-BBCAD7EC31CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C9FE2D-197A-45EB-BE40-B746B13F2C02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E07E462F-2163-430B-9315-75BFD00113C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F650FC0-1DF8-4432-92F5-4B4DCEFC2D39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "347BC012-5307-4B0F-A013-624ED455ABD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5ED89DCC-0EFF-4665-BDE0-406155A46BDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EEB6C44-B615-46F8-A5DC-BEF25D932314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "979D846B-9DD9-474A-A8BE-25334D2969B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDF5DE17-2061-4896-B7DA-CFDEF46E9652",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB528B71-8BF5-4D93-A1BC-DF0502AEA58F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0585DC0B-DFBB-466E-9D3D-86E19A4B88A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "041B087D-4FBC-4EDC-AAC0-DF8A1D39980A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE4FB33B-5015-4620-BD21-3F0C916069EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "684E9118-30B2-476C-816E-CA4B2916017B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF46B23-559C-4DF0-8510-C79F17ABF22B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD40A202-557B-495C-BBE5-DEC9FF97EE56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F3DB711-AE17-4B3B-9D45-C38CBDF418A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF2E6A8E-4C9B-46A1-B786-6C0B3A3395F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D049089-7FBD-41A6-8A5B-8497DA24C720",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "20DEBEDF-3E64-4417-BC41-7F0E20C522F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF99B53-237E-468B-8B7F-A105FE40803B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D5F196-4BA9-43EB-BE38-EE405C8CC0FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C4022C-F1D4-4A58-8341-E22EAF943511",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5503DC6-40DB-4A84-984E-BDEED82F224A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "90148D48-5DA5-46F9-AE96-618C427A5DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "733E1435-CE73-4A39-97EB-304D2F45A838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA80DA6E-CCE3-4CAF-B2A1-E6FF2B702D3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D08FD930-F2BC-47BC-86BC-07545D1431B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "97DE028F-D0BE-435C-826D-CCBFFEBF3B31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E08EB15D-1842-41F4-9F19-FF6571055242",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:2.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "43CF2BBF-83AA-451E-8E30-E040EFCF6F64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "409B29B1-E2E0-4CBD-83D0-F4CE67820F5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D325D4A-166A-4174-BEA8-1C6D47A8DDBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6AEBBD1-2320-42A3-8DCA-46DF61007349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E54C09F8-F0F5-4BDF-868F-0B6A4609B3E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "132C1B54-0438-4239-B599-8160D494EE26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E5CCEAC-3D92-46DB-AC88-859ED5A5E277",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED68CE6A-2BF5-49F2-AEAE-199AAC94807B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:4.0.:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C589CD4-5A9E-41E1-BBFA-AF4BE2DD31E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E406BD-8CC3-4929-ABB2-F820F8C83823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8685704C-C43D-4315-A541-4E04B7B08B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "39C1D452-A003-4DB1-A8CF-0F7FBB9A5811",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4F8C79E-416F-4C88-B102-3BB60E969FAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F47849F-4466-4500-802C-260970D6A764",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:4.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C190DE39-ABEF-4DA1-A909-B9E98BD5A468",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:4.4.2.:*:*:*:*:*:*:*",
              "matchCriteriaId": "308E9B35-F619-4BBE-B1BA-AAF0873F75D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:4.4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "77BB52FC-E320-47CD-A180-C22371D7AFEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rpm:rpm:4.4.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "01A746D6-4C15-49BD-B17C-2CA06FFA76D8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "lib/fsm.c in RPM before 4.4.3 does not properly reset the metadata of an executable file during deletion of the file in an RPM package removal, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid or (2) setgid file, a related issue to CVE-2010-2059."
    },
    {
      "lang": "es",
      "value": "lib/fsm.c en RPM antes de v4.4.3 no reinicia los metadatos de un archivo ejecutable durante la eliminaci\u00f3n de los archivos en una eliminaci\u00f3n de paquetes con RPM, lo que podr\u00eda permitir a usuarios locales conseguir privilegios mediante la creaci\u00f3n de un v\u00ednculo f\u00edsico a un fichero vulnerable (1) con permiso setuid o (2) con permiso setgid. Se trata de un problema relacionado con la CVE-2010-2059."
    }
  ],
  "id": "CVE-2005-4889",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-06-08T18:30:09.977",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://distrib-coffee.ipsl.jussieu.fr/pub/mirrors/rpm/files/rpm/rpm-4.4/rpm-4.4.3.tar.gz"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:180"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=125517"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=598775"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59426"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://distrib-coffee.ipsl.jussieu.fr/pub/mirrors/rpm/files/rpm/rpm-4.4/rpm-4.4.3.tar.gz"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:180"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=125517"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=598775"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59426"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.