CVE-2008-5706

The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechanism in the daemon in Verlihub 0.9.8d-RC2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/trigger.tmp temporary file.
Link Following
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
VendorProductVersion
verlihub-projectverlihub
0.9.8d:d
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
verlihub
oneiric
dne
natty
dne
maverick
dne
lucid
dne
karmic
dne
jaunty
ignored
intrepid
ignored
hardy
ignored
gutsy
ignored
dapper
dne
Common Weakness Enumeration
References
http://bugs.debian.org/506530
http://openwall.com/lists/oss-security/2008/12/17/16
http://securityreason.com/securityalert/4800
http://www.securityfocus.com/bid/32889
https://www.exploit-db.com/exploits/7183
http://bugs.debian.org/506530
http://openwall.com/lists/oss-security/2008/12/17/16
http://securityreason.com/securityalert/4800
http://www.securityfocus.com/bid/32889
https://www.exploit-db.com/exploits/7183