scratchbox2 1.99.0.24 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/dpkg.#####.tmp, (b) /tmp/missing_deps.#####, and (c) /tmp/sb2-pkg-chk.$tstamp.##### temporary files, related to the (1) dpkg-checkbuilddeps and (2) sb2-check-pkg-mappings scripts.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-11-06T11:00:00

Updated: 2024-08-07T10:31:28.334Z

Reserved: 2008-11-06T00:00:00

Link: CVE-2008-4984

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2008-11-06T15:55:52.293

Modified: 2024-11-21T00:53:00.063

Link: CVE-2008-4984

cve-icon Redhat

No data.