4 matches found
Design/Logic Flaw
mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the 1 f-prot-autoupdate, 2 clamav-autoupdate, 3 panda-autoupdate.new, 4 trend-autoupdate.new, and 5 rav-autoupdate.new scripts in...
CVE-2008-5140
trend-autoupdate.new in mailscanner 4.55.10 and other versions before 4.74.16-1 allows local users to overwrite arbitrary files via a symlink attack on a 1 /tmp/opr.ini. or 2 /tmp/lpt.zip temporary file...
CVE-2008-5140
trend-autoupdate.new in mailscanner 4.55.10 and other versions before 4.74.16-1 allows local users to overwrite arbitrary files via a symlink attack on a 1 /tmp/opr.ini. or 2 /tmp/lpt.zip temporary file...
CVE-2008-5140
CVE-2008-5140 : MailScanner 4.55.10 and other versions before 4.74.16-1 are vulnerable to local user symlink attacks that can overwrite arbitrary files via temporary files such as /tmp/opr.ini.##### and /tmp/lpt*.zip, exposing a local-privilege risk. The underlying issue is a symlink-based overwr...