Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-4108HistorySep 18, 2008 - 5:59 p.m.
CVE-2008-4108
2008-09-1817:59:33
Debian Security Bug Tracker
security-tracker.debian.org
14
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS
0
Percentile
5.1%
Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack on a tmp$RANDOM.tmp temporary file. NOTE: there may not be common usage scenarios in which tmp$RANDOM.tmp is located in an untrusted directory.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 11 | all | python-defaults | <= 2.7.18-3 | python-defaults_2.7.18-3_all.deb |
Related
ubuntucve
ubuntucve
CVE-2008-4108
2008-09-18 00:00:00
cve
cve
CVE-2008-4108
2008-09-18 17:59:33
nvd
nvd
CVE-2008-4108
2008-09-18 17:59:33
prion
prion
Directory traversal
2008-09-18 17:59:00
cvelist
cvelist
CVE-2008-4108
2008-09-18 17:47:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS
0
Percentile
5.1%
Related for DEBIANCVE:CVE-2008-4108