|
|
CVE Reference: CVE-2008-2266 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-2266 |
|
|
Description: uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/42407 SAID Secunia Advisory: SA30171 Secunia Advisory: SA31420 MLIST http://www.openwall.com/lists/oss-security/2008/05/30/1 http://www.openwall.com/lists/oss-security/2008/05/14/10 MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972 GENTOO http://security.gentoo.org/glsa/glsa-200808-11.xml BID 29211 |
|
| Return to the previous page. |
