CVE-2008-4085

plaiter in Plait before 1.6 allows local users to overwrite arbitrary files via a symlink attack on (1) cut.$$, (2) head.$$, (3) awk.$$, and (4) ps.$$ temporary files in /tmp/.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:stephenjungels:plait:*:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:0.50:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:0.51:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:0.52:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:0.53:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:0.54:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:0.55:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:0.55.1:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:0.55.2:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:0.99:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:1.0:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:1.1:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:1.3:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:1.4:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:1.5:*:*:*:*:*:*:*
cpe:2.3:a:stephenjungels:plait:1.5.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2008-09-15 17:12

Updated : 2024-02-28 11:21


NVD link : CVE-2008-4085

Mitre link : CVE-2008-4085

CVE.ORG link : CVE-2008-4085


JSON object : View

Products Affected

stephenjungels

  • plait
CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')