Lucene search
HistoryOct 03, 2008 - 10:22 p.m.
CVE-2008-4440
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
The to-upgrade plugin in feta 1.4.16 allows local users to overwrite arbitrary files via a symlink on the (1) /tmp/feta.install.$USER and (2) /tmp/feta.avail.$USER temporary files.
Affected configurations
Node
debianfeta
Related
cvelist
cvelist
CVE-2008-4440
2008-10-03 22:00:00
osv
osv
feta - denial of service
2008-10-05 00:00:00
openvas
openvas
Debian Security Advisory DSA 1643-1 (feta)
2008-10-09 00:00:00
Debian: Security Advisory (DSA-1643-1)
2008-10-08 00:00:00
debian
debian
[SECURITY] [DSA 1643-1] New feta packages fix denial of service
2008-10-05 11:08:24
ubuntucve
ubuntucve
CVE-2008-4440
2008-10-03 00:00:00
cve
cve
CVE-2008-4440
2008-10-03 22:22:45
nessus
nessus
Debian DSA-1643-1 : feta - insecure temp file handling
2008-10-07 00:00:00
securityvulns
securityvulns
feta symbolic links vulnerability
2008-10-09 00:00:00
[SECURITY] [DSA 1643-1] New feta packages fix denial of service
2008-10-09 00:00:00
prion
prion
Code injection
2008-10-03 22:22:00
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for NVD:CVE-2008-4440