Lucene search

Ubuntu.comUB:CVE-2008-5155

HistoryNov 18, 2008 - 12:00 a.m.

CVE-2008-5155

2008-11-1800:00:00

ubuntu.com

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

40.2%

JSON

mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitrary
files via a symlink attack on a (1) /tmp/header.##### or (2)
/tmp/body.##### temporary file, or append data to arbitrary files via a
symlink attack on the (3) /tmp/sms.log temporary file.

References

launchpad.net/bugs/cve/CVE-2008-5155

nvd.nist.gov/vuln/detail/CVE-2008-5155

security-tracker.debian.org/tracker/CVE-2008-5155

www.cve.org/CVERecord?id=CVE-2008-5155

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

40.2%

JSON

Related for UB:CVE-2008-5155