CVE-2008-5394

/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line aka utline field in a utmp entry...

CVE-2008-5394

CVE-2008-5394 concerns the shadow package’s /bin/login on Debian (and likely other distros) where local users in the utmp group could exploit a symlink vulnerability to overwrite arbitrary files via a temporary file referenced in a utmp entry’s ut_line field. The described condition affects shado...

CVE-2008-5366

The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/probe-finished or 2 /tmp/ppp-errors temporary file...

CVE-2008-5367

ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file...

Arbitrary file deletion

The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/probe-finished or 2 /tmp/ppp-errors temporary file...

Design/Logic Flaw

ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file...

CVE-2008-5366

The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/probe-finished or 2 /tmp/ppp-errors temporary file...

CVE-2008-5367

ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file...

CVE-2008-5366

The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/probe-finished or 2 /tmp/ppp-errors temporary file...

CVE-2008-5367

ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file...

CVE-2008-5366

CVE-2008-5366 affects the postinst script of the Debian/PPP package (ppp 2.4.4rel). A local attacker can exploit a symlink vulnerability to overwrite arbitrary files via temporary files in /tmp (/tmp/probe-finished or /tmp/ppp-errors). Impact is described as local, with potential data corruption ...

CVE-2008-5367

CVE-2008-5367 refers to a local privilege escalation in ip-up of ppp-udeb 2.4.4rel on Debian GNU/Linux, allowing local users to overwrite arbitrary files via a symlink attack on /tmp/resolv.conf.tmp. Connected sources confirm the issue and list affected package constraints (ppp-udeb 2.4.4rel on D...

CVE-2008-5366

The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/probe-finished or 2 /tmp/ppp-errors temporary file...

CVE-2008-5367

ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file...

Debian GNU/Linux (symlink attack in login) Arbitrary File Ownership PoC

No description provided by source. !/bin/bash - echo ' include string.h include stdlib.h include unistd.h include utmp.h include sys/types.h include stdio.h int mainint argc, char argv struct utmp entry; int i; entry.uttype=LOGINPROCESS; strcpyentry.utline,"/tmp/x"; entry.uttime=0;...

Debian GNU/Linux (symlink attack in login) Arbitrary File Ownership PoC

No description provided by source. !/bin/bash - echo ' include string.h include stdlib.h include unistd.h include utmp.h include sys/types.h include stdio.h int mainint argc, char argv struct utmp entry; int i; entry.uttype=LOGINPROCESS; strcpyentry.utline,"/tmp/x"; entry.uttime=0;...

Debian GNU/Linux (symlink attack in login) Arbitrary File Ownership PoC

Exploit for linux platform in category local exploits ======================================================================= Debian GNU/Linux symlink attack in login Arbitrary File Ownership PoC ======================================================================= !/bin/bash - echo ' include...

CVE-2008-5142

sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr. temporary file...

Design/Logic Flaw

sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr. temporary file...

CVE-2008-5142

sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr. temporary file...