Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4553

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-4553
Last Modified 20 Aug 2009 01:21:35
Published 15 Oct 2008 04:07:42
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-4553

Summary

qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories.

Vulnerable Systems

Application

  • Qemu 0.9.1-5


References

CONFIRM - https://bugs.gentoo.org/show_bug.cgi?id=235826

CONFIRM - https://bugs.gentoo.org/show_bug.cgi?id=235770

XF - qemu-qemumakedebianroot-symlink(44831)

BID - 30931

MLIST - [oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire

MLIST - [oss-security] 20081014 Re: CVE id request: qemu

MLIST - [oss-security] 20081013 CVE id request: qemu

DEBIAN - DSA-1657

MISC - http://uvw.ru/report.lenny.txt

SECUNIA - 32335

CONFIRM - http://dev.gentoo.org/~rbu/security/debiantemp/qemu

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496394


Last Updated: 27 May 2016 10:48:32