Lucene search
MitreCVE-2008-4967HistoryNov 06, 2008 - 3:55 p.m.
CVE-2008-4967
2008-11-0615:55:51
CWE-59
mitre
web.nvd.nist.gov
30
cve
linuxtrade
symlink attack
temporary files
security vulnerability
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.4
Confidence
High
EPSS
0
Percentile
5.1%
linuxtrade 3.65 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/bwk, (b) /tmp/zzz, and © /tmp/ggg temporary files, related to the (1) linuxtrade.bwkvol, (2) linuxtrade.wn, and (3) moneyam.helper scripts.
Affected configurations
Node
linuxtradelinuxtradeMatch3.65
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linuxtrade | linuxtrade | 3.65 | cpe:2.3:a:linuxtrade:linuxtrade:3.65:*:*:*:*:*:*:* |
Related
ubuntucve
ubuntucve
CVE-2008-4967
2008-11-06 00:00:00
prion
prion
Authentication flaw
2008-11-06 15:55:00
cvelist
cvelist
CVE-2008-4967
2008-11-06 11:00:00
nvd
nvd
CVE-2008-4967
2008-11-06 15:55:51
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.4
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVE-2008-4967