CVE-2008-5139

CVE-2008-5139

EPSS 0.3%

updatejail in jailer 0.4 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/#####.updatejail temporary file.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://lists.debian.org/debian-devel/2008/08/msg00285.html http://secunia.com/advisories/32943 http://secunia.com/advisories/32959 http://www.debian.org/security/2008/dsa-1674 http://www.securityfocus.com/bid/32413