Lucene search

[email protected]CVE-2008-5145

HistoryNov 18, 2008 - 4:00 p.m.

CVE-2008-5145

2008-11-1816:00:00

CWE-59

[email protected]

web.nvd.nist.gov

cve-2008-5145

ltp

symlink attack

file overwrite

local users

nvd

6.5 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

ltpmenu in ltp 20060918 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/runltp.mainmenu.##### temporary file.

CPENameOperatorVersion
debian:ltpdebian ltpeq20060918

CPE	Name	Operator	Version
debian:ltp	debian ltp	eq	20060918

References

lists.debian.org/debian-devel/2008/08/msg00285.html

www.securityfocus.com/bid/32414

exchange.xforce.ibmcloud.com/vulnerabilities/46715

6.5 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2008-5145

prion1 ubuntucve1 cvelist1