Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5704

Overview

Vulnerability Score 7.6 7.6
CVE Id CVE-2008-5704
Last Modified 20 May 2009 12:00:00
Published 22 Dec 2008 10:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2008-5704

Summary

src/unit_test.c in gpsdrive (aka gpsdrive-scripts) 2.10~pre4 might allow local users to overwrite arbitrary files via a symlink attack on the /tmp/gpsdrive-unit-test/proc temporary file, a different vector than CVE-2008-4959 and CVE-2008-5380.

Vulnerable Systems

Application

  • Gpsdrive 1.32

  • Gpsdrive 1.33

  • Gpsdrive 2.09

  • Gpsdrive 2.10


References

MLIST - [oss-security] 20081216 CVE id request: gpsdrive

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508597


Last Updated: 27 May 2016 10:48:54