CVE-2008-4476

2008-10-07T21:11:00
ID CVE-2008-4476
Type cve
Reporter cve@mitre.org
Modified 2017-08-08T01:32:00

Description

sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sympa_aliases.$$ temporary file. NOTE: wwsympa.fcgi was also reported, but the issue occurred in a dead function, so it is not a vulnerability.