Lucene search

Ubuntu.comUB:CVE-2008-4984

HistoryNov 06, 2008 - 12:00 a.m.

CVE-2008-4984

2008-11-0600:00:00

ubuntu.com

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.1%

JSON

scratchbox2 1.99.0.24 allows local users to overwrite arbitrary files via a
symlink attack on (a) /tmp/dpkg.#####.tmp, (b) /tmp/missing_deps.#####, and
© /tmp/sb2-pkg-chk.$tstamp.##### temporary files, related to the (1)
dpkg-checkbuilddeps and (2) sb2-check-pkg-mappings scripts.

References

launchpad.net/bugs/cve/CVE-2008-4984

nvd.nist.gov/vuln/detail/CVE-2008-4984

security-tracker.debian.org/tracker/CVE-2008-4984

www.cve.org/CVERecord?id=CVE-2008-4984

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for UB:CVE-2008-4984