wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file.
References
Configurations
History
21 Nov 2024, 00:42
Type | Values Removed | Values Added |
---|---|---|
References | () http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466382 - Exploit | |
References | () http://secunia.com/advisories/29009 - Vendor Advisory | |
References | () http://secunia.com/advisories/29113 - | |
References | () http://www.securityfocus.com/bid/27848 - | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=433719 - | |
References | () https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00825.html - | |
References | () https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00841.html - |
Information
Published : 2008-02-19 00:00
Updated : 2024-11-21 00:42
NVD link : CVE-2008-0806
Mitre link : CVE-2008-0806
CVE.ORG link : CVE-2008-0806
JSON object : View
Products Affected
paul_pelzl
- wyrd
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')