CVE-2008-4987

Published: Nov 6, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

xastir 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/ldconfig.tmp, (b) /tmp/ldconf.tmp, and (c) /tmp/ld.so.conf temporary files, related to the (1) get-maptools.sh and (2) get_shapelib.sh scripts.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

31771

third-party-advisory

x_refsource_SECUNIA

xastir-getmaptools-getshapelib-symlink(44920)

vdb-entry

x_refsource_XF

FEDORA-2008-7541

vendor-advisory

x_refsource_FEDORA

[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire

mailing-list

x_refsource_MLIST

https://bugs.gentoo.org/show_bug.cgi?id=235770

x_refsource_CONFIRM

http://bugs.debian.org/496383

x_refsource_CONFIRM

31030

vdb-entry

x_refsource_BID

FEDORA-2008-7269

vendor-advisory

x_refsource_FEDORA

http://uvw.ru/report.lenny.txt

x_refsource_MISC

https://bugzilla.redhat.com/show_bug.cgi?id=460429

x_refsource_CONFIRM

31677

third-party-advisory

x_refsource_SECUNIA

http://dev.gentoo.org/~rbu/security/debiantemp/xastir

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2008-4987

Description

Affected Products

References