Lucene search
Ubuntu.comUB:CVE-2008-4966HistoryNov 06, 2008 - 12:00 a.m.
CVE-2008-4966
2008-11-0600:00:00
ubuntu.com
ubuntu.com
8
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
linux-patch-openswan 2.4.12 allows local users to overwrite arbitrary files
via a symlink attack on (a) /tmp/snap##### and (b) /tmp/nightly#####
temporary files, related to the (1) maysnap and (2) maytest scripts.
Notes
| Author | Note |
|---|---|
| jdstrand | per Debian, the vulnerable scripts are unused from the source package |
Related
prion
prion
Code injection
2008-11-06 15:55:00
cvelist
cvelist
CVE-2008-4966
2008-11-06 11:00:00
cve
cve
CVE-2008-4966
2008-11-06 15:55:51
nvd
nvd
CVE-2008-4966
2008-11-06 15:55:51
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
Related for UB:CVE-2008-4966