CVE-2008-5366

Опубликовано: 08 дек. 2008

Источник: debian

EPSS Низкий

Описание

The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/probe-finished or (2) /tmp/ppp-errors temporary file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
ppp	unfixed			package

Примечания

Package postinst isn't vulnerable, only .tmp files in /etc

EPSS

Процентиль: 6%

0.00024

Низкий

Связанные уязвимости

CVE-2008-5366

ubuntu

около 17 лет назад

The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/probe-finished or (2) /tmp/ppp-errors temporary file.

CVE-2008-5366

nvd

около 17 лет назад

The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/probe-finished or (2) /tmp/ppp-errors temporary file.

GHSA-rfr2-972g-h6h9

github

больше 3 лет назад

The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/probe-finished or (2) /tmp/ppp-errors temporary file.

EPSS

Процентиль: 6%

0.00024

Низкий