CVE-2008-2958

Sažetak

Race condition in (1) checkinstall 1.6.1 and (2) installwatch allows local users to overwrite arbitrary files and have other impacts via symlink and possibly other attacks on temporary working directories.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=488140
http://lists.alioth.debian.org/pipermail/secure-testing-team/2008-June/001672.html
http://secunia.com/advisories/30873
https://exchange.xforce.ibmcloud.com/vulnerabilities/43440

CVSS

Base:	4.4
Impact:	6.4
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

08-08-2017 - 01:31

Objavljeno

01-07-2008 - 22:41