Lucene search
HistoryNov 18, 2008 - 4:00 p.m.
CVE-2008-5137
tkman
2.2
local users
overwrite
symlink attack
cve-2008-5137
nvd
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
6.1 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
tkman in tkman 2.2 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/tkman##### or (2) /tmp/ll temporary file.
Affected configurations
Node
tkmantkmanMatch2.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| tkman:tkman | tkman | eq | 2.2 |
Social References
More
Related
gentoo
gentoo
TkMan: Insecure temporary file usage
2009-09-09 00:00:00
nvd
nvd
CVE-2008-5137
2008-11-18 16:00:01
securityvulns
securityvulns
[ GLSA 200909-07 ] TkMan: Insecure temporary file usage
2009-09-10 00:00:00
nessus
nessus
GLSA-200909-07 : TkMan: Insecure temporary file usage
2009-09-10 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200909-07 (tkman)
2009-09-15 00:00:00
Gentoo Security Advisory GLSA 200909-07 (tkman)
2009-09-15 00:00:00
ubuntucve
ubuntucve
CVE-2008-5137
2008-11-18 00:00:00
cvelist
cvelist
CVE-2008-5137
2008-11-18 15:00:00
prion
prion
Arbitrary file deletion
2008-11-18 16:00:00
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
6.1 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2008-5137