Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1078

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-1078
Last Modified 10 Jan 2009 12:00:00
Published 28 Feb 2008 09:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-1078

Summary

expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1.

Vulnerable Systems

Operating System

  • Gentoo Linux

  • Rpath Linux


References

FEDORA - FEDORA-2008-10755

CONFIRM - https://issues.rpath.com/browse/RPL-2255

BID - 28044

BUGTRAQ - 20080228 rPSA-2008-0088-1 am-utils

GENTOO - GLSA-200804-09

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0088

SECUNIA - 33400

SECUNIA - 29694

SECUNIA - 29187

SECUNIA - 29144

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=210158


Last Updated: 27 May 2016 10:47:01