CVE-2005-2180

Name of the Vulnerable Software and Affected Versions: GNATS versions 4.0 through 4.1.0 GNATS versions prior to 4.0

Description: The issue arises from improper file checking in the gen-index component when installed setuid, allowing local users to overwrite arbitrary files by exploiting the -o argument. This enables write access to files that should be restricted.

Recommendations: For GNATS versions 4.0 through 4.1.0, consider restricting the use of the gen-index component when installed setuid to minimize the risk of exploitation. For GNATS versions prior to 4.0, restrict the use of the gen-index component when installed setuid to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.