CVE-2008-4476

2008-10-07T17:11:38
ID CVE-2008-4476
Type cve
Reporter NVD
Modified 2017-08-07T21:32:40

Description

sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sympa_aliases.$$ temporary file. NOTE: wwsympa.fcgi was also reported, but the issue occurred in a dead function, so it is not a vulnerability.