Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4406

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-4406
Last Modified 18 Feb 2009 01:22:28
Published 03 Oct 2008 01:41:40
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-4406

Summary

A certain Debian patch to the run scripts for sabre (aka xsabre) 0.2.4b allows local users to delete or overwrite arbitrary files via a symlink attack on unspecified .tmp files.

Vulnerable Systems

Application

  • Debian Xsabre 0.2.4b


References

XF - xsabre-unspecified-symlink(45715)

XF - xsabre-xrunsabre-symlink(45609)

BID - 31512

OSVDB - 48895

MLIST - [oss-security] 20081001 CVE id request: sabre

CONFIRM - http://bugs.debian.org/433996


Last Updated: 27 May 2016 10:48:28