Lucene search
HistoryNov 18, 2008 - 4:00 p.m.
CVE-2008-5148
sch2eaglepos.sh
local users
file overwrite
symlink attack
geda-gnetlist 1.4.0
cve-2008-5148
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
5.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file.
Affected configurations
Node
gedagnetlistMatch1.4.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| geda:gnetlist | geda gnetlist | eq | 1.4.0 |
Related
openvas
openvas
Fedora Update for geda-gnetlist FEDORA-2008-9694
2009-02-17 00:00:00
Fedora Update for geda-gnetlist FEDORA-2008-9730
2009-02-17 00:00:00
Fedora Update for geda-gnetlist FEDORA-2008-9730
2009-02-17 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: geda-gnetlist-20080929-2.fc8
2008-11-19 14:46:00
[SECURITY] Fedora 9 Update: geda-gnetlist-20080929-2.fc9
2008-11-19 14:51:35
[SECURITY] Fedora 10 Update: geda-gnetlist-20080929-2.fc10
2008-11-22 16:54:12
nessus
nessus
GLSA-200903-08 : gEDA: Insecure temporary file creation
2009-03-08 00:00:00
Fedora 10 : geda-gnetlist-20080929-2.fc10 (2008-10010)
2012-09-24 00:00:00
Fedora 8 : geda-gnetlist-20080929-2.fc8 (2008-9694)
2008-11-21 00:00:00
nvd
nvd
CVE-2008-5148
2008-11-18 16:00:01
prion
prion
Design/Logic Flaw
2008-11-18 16:00:00
cvelist
cvelist
CVE-2008-5148
2008-11-18 15:00:00
gentoo
gentoo
gEDA: Insecure temporary file creation
2009-03-07 00:00:00
ubuntucve
ubuntucve
CVE-2008-5148
2008-11-18 00:00:00
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
5.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2008-5148