CVE-2008-1078
Gentoo and rPath Linux - Arbitrary File Overwrite via Symlink Attack on expn Temporary File
Title source: llmDescription
expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1.
References (11)
Core 11
Core References
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00273.html
Exploit x_refsource_confirm
http://bugs.gentoo.org/show_bug.cgi?id=210158
Third Party Advisory x_refsource_confirm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0088
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29144
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29694
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/488931/100/0/threaded
Issue Tracking x_refsource_confirm
https://issues.rpath.com/browse/RPL-2255
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29187
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/28044
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200804-09.xml
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/33400
Scores
EPSS
0.0003
EPSS Percentile
9.3%
Details
CWE
CWE-59
Status
published
Products (2)
gentoo/linux
rpath/rpath_linux
Published
Feb 29, 2008
Tracked Since
Feb 18, 2026