← back
CVE-2008-2266

CVE-2008-2266

EPSS 0.3%
uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972http://secunia.com/advisories/30171http://secunia.com/advisories/31420http://security.gentoo.org/glsa/glsa-200808-11.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/42407http://www.openwall.com/lists/oss-security/2008/05/14/10http://www.openwall.com/lists/oss-security/2008/05/30/1http://www.securityfocus.com/bid/29211