Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score: 7.2
CVE Id: CVE-2008-5394
Last Modified: 15 Sep 2009 01:20:39
Published: 08 Dec 2008 07:30:00
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE

CVE-2008-5394

Summary

/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry.

Vulnerable Systems

Application

  • Debian Shadow 4.0.18.1


References

XF - debian-login-symlink(47037)

UBUNTU - USN-695-1

BID - 32552

BUGTRAQ - 20081130 /bin/login gives root to group utmp

MILW0RM - 7313

MANDRIVA - MDVSA-2009:062

SREASON - 4695

GENTOO - GLSA-200903-24

OSVDB - 52200

CONFIRM - http://bugs.debian.org/505271

CONFIRM - http://bugs.debian.org/505071

CONFIRM - http://bugs.debian.org/332198


Last Updated: 27 May 2016 10:48:48