UBUNTU-CVE-2008-5144

nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvidia-cg-toolkit-manifest temporary file...

CVE-2008-5155

mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitrary files via a symlink attack on a 1 /tmp/header. or 2 /tmp/body. temporary file, or append data to arbitrary files via a symlink attack on the 3 /tmp/sms.log temporary file...

CVE-2008-5140

trend-autoupdate.new in mailscanner 4.55.10 and other versions before 4.74.16-1 allows local users to overwrite arbitrary files via a symlink attack on a 1 /tmp/opr.ini. or 2 /tmp/lpt.zip temporary file...

CVE-2008-5138

passwdehd in libpam-mount 0.43 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/passwdehd. temporary file...

CVE-2008-5146

add-accession-numbers in ctn 3.0.6 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/accession temporary file...

CVE-2008-5141

flamethrower in flamethrower 0.1.8 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/multicast.tar. temporary file...

CVE-2008-5155

CVE-2008-5155 affects the smsclient component, specifically the mail2sms.sh script in version 2.0.8z. The vulnerability stems from symlink attacks on temporary files in /tmp, namely /tmp/header.##### and /tmp/body.#####, and on /tmp/sms.log. Local users can overwrite arbitrary files or append dat...

CVE-2008-5154

The CVE-2008-5154 entry concerns bluetooth.rc in p3nfs 5.19, where local users can overwrite arbitrary files by exploiting a symlink attack against the /tmp/blue.log file. This is a local-privilege issue resulting from improper handling of temporary file names, enabling a limited-access user to a...

CVE-2008-5145

CVE-2008-5145 affects ltpmenu in ltp (20060918). Local users can overwrite arbitrary files via a symlink attack on the temporary file /tmp/runltp.mainmenu.#####, enabling potential local privilege impact. The records do not specify a vendor patch or fix version in the provided documents. The root...

CVE-2008-5140

CVE-2008-5140 : MailScanner 4.55.10 and other versions before 4.74.16-1 are vulnerable to local user symlink attacks that can overwrite arbitrary files via temporary files such as /tmp/opr.ini.##### and /tmp/lpt*.zip, exposing a local-privilege risk. The underlying issue is a symlink-based overwr...

CVE-2008-5138

CVE-2008-5138 affects libpam-mount (example: version 0.43) and is triggered by a local symlink attack targeting a temporary file named /tmp/passwdehd, allowing local users to overwrite arbitrary files. The connected advisories confirm a fix implemented as a security update for pam_mount in SUSE/o...

CVE-2008-5135

The CVE refers to os-prober 1.17, where a local user can exploit a symlink to overwrite files via /tmp/mounted-map or /tmp/raided-map. The core issue is a symlink/temporary file handling path in the insecure code path. Several connected sources (NVD, Red Hat, Debian/Ubuntu advisories, and Nessus ...

CVE-2008-5144

nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvidia-cg-toolkit-manifest temporary file...

CVE-2008-5145

ltpmenu in ltp 20060918 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/runltp.mainmenu. temporary file...

CVE-2008-5157

The CVE-2008-5157 entry concerns tau 2.16.4. It describes a local-privilige escalation where local users can overwrite arbitrary files via a symlink attack targeting temporary files: /tmp/makefile.tau..##### or /tmp/makefile.tau .#####, associated with the tau_cxx, tau_f90, and tau_cc scripts. Th...

CVE-2008-5148

CVE-2008-5148 affects geda-gnetlist; the sch2eaglepos.sh script creates a temporary file insecurely in /tmp, enabling local symlink attacks to overwrite arbitrary files. Affected package: gEDA/gNetlist, specifically around version 1.4.0. Impact: local privilege/file overwrite risk. Mitigation: up...

CVE-2008-5143

CVE-2008-5143 affects mgt-helper in multi-gnome-terminal 1.6.2. The vulnerability allows local users to overwrite arbitrary files via a symlink attack on temporary files in /tmp, specifically targeting files matching *.debug or *.env. The root cause is a symlink-related race condition during file...

CVE-2008-5149

fwdcheck.sh in libncbi6 6.1.20080302 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/ temporary file...

CVE-2008-5142

sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr. temporary file...

CVE-2008-5152

CVE-2008-5152 affects mh-book 200605, specifically inmail-show, where local users can overwrite arbitrary files via a symlink attack to temporary files (/tmp/inmail#####.log or /tmp/inmail#####.stdin). The root cause is a symlink/TOCTOU race in handling these temp files. Documents consistently de...