CVE-2008-5156

systemimager-server <3.6.3 - Local Privilege Escalation

Title source: llm
STIX 2.1

Description

si_mkbootserver in systemimager-server 3.6.3 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/*.inetd.conf or (2) /tmp/pxe.conf.*.tmp temporary file.

References (3)

Core 3
Core References
Mailing List mailing-list x_refsource_mlist
http://lists.debian.org/debian-devel/2008/08/msg00347.html
Exploit x_refsource_misc
http://uvw.ru/report.sid.txt
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/32370

Scores

EPSS 0.0036
EPSS Percentile 28.0%

Details

CWE
CWE-59
Status published
Products (1)
dann_frazier/systemimager-server 3.6.3
Published Nov 18, 2008
Tracked Since Feb 18, 2026