CVE-2008-5368

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2008-5368
muttprint in muttprint 0.72d allows local users to overwrite arbitrary files via a symlink attack on the /tmp/muttprint.log temporary file.

6.9 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 3.4 / Impact : 10.0

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://lists.debian.org/debian-devel/2008/08/msg00283.html
http://www.gentoo.org/security/en/glsa/glsa-200903-35.xml
http://secunia.com/advisories/34439
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

cpe:2.3:a:lukas_ruf:muttprint:0.72d:*:*:*:*:*:*:*
Information

Published : 2008-12-08 15:30

Updated : 2009-03-25 22:47

NVD link : CVE-2008-5368

Mitre link : CVE-2008-5368

JSON object : View

CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')

Advertisement

dedicated server usa
Products Affected

lukas_ruf

  • muttprint