Lucene search

[email protected]CVE-2008-5136

HistoryNov 18, 2008 - 4:00 p.m.

CVE-2008-5136

2008-11-1816:00:01

CWE-59

[email protected]

web.nvd.nist.gov

cve

2008

5136

local users

overwrite

arbitrary files

symlink attack

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

tkusr in tkusr 0.82 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/tkusr.pgm temporary file.

Affected configurations

NVD

Node

ldroleztkusrMatch0.82

CPENameOperatorVersion
ldrolez:tkusrldrolez tkusreq0.82

CPE	Name	Operator	Version
ldrolez:tkusr	ldrolez tkusr	eq	0.82

References

lists.debian.org/debian-devel/2008/08/msg00285.html

www.securityfocus.com/bid/32406

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2008-5136

ubuntucve1 cvelist1 nvd1 prion1