CVE-2008-5706

Verlihub <0.9.8d-RC2 - Local File Overwrite

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-5706. PoCs published by v4lkyrius.

AI-analyzed exploit summary This is a detailed technical analysis of CVE-2008-5705, a command injection vulnerability in Verlihub <=0.9.8d-RC2. The writeup includes the root cause (unsanitized input in the trigger mechanism), exploit steps, and a patch diff.

Description

The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechanism in the daemon in Verlihub 0.9.8d-RC2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/trigger.tmp temporary file.

Exploits (1)

exploitdb WRITEUP VERIFIED
by v4lkyrius · textremotelinux
https://www.exploit-db.com/exploits/7183

This is a detailed technical analysis of CVE-2008-5705, a command injection vulnerability in Verlihub <=0.9.8d-RC2. The writeup includes the root cause (unsanitized input in the trigger mechanism), exploit steps, and a patch diff.

Classification
Writeup 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Verlihub <=0.9.8d-RC2
Auth required
Prerequisites: Verlihub configured with allow_exec=1 · User triggers enabled and accepting arguments
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (5)

Core 5
Core References
Issue Tracking x_refsource_misc
http://bugs.debian.org/506530
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/32889
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/7183
Mailing List mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2008/12/17/16
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/4800

Scores

EPSS 0.0024
EPSS Percentile 47.8%

Details

CWE
CWE-59
Status published
Products (1)
verlihub-project/verlihub 0.9.8d rc2
Published Dec 22, 2008
Tracked Since Feb 18, 2026