CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-1078

expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.5%

CVSS Severity

CVSS v2 Score 7.2

References

http://bugs.gentoo.org/show_bug.cgi?id=210158
http://secunia.com/advisories/29144
http://secunia.com/advisories/29187
http://secunia.com/advisories/29694
http://secunia.com/advisories/33400
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0088
http://www.gentoo.org/security/en/glsa/glsa-200804-09.xml
http://www.securityfocus.com/archive/1/488931/100/0/threaded
http://www.securityfocus.com/bid/28044
https://issues.rpath.com/browse/RPL-2255
https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00273.html
http://bugs.gentoo.org/show_bug.cgi?id=210158
http://secunia.com/advisories/29144
http://secunia.com/advisories/29187
http://secunia.com/advisories/29694
http://secunia.com/advisories/33400
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0088
http://www.gentoo.org/security/en/glsa/glsa-200804-09.xml
http://www.securityfocus.com/archive/1/488931/100/0/threaded
http://www.securityfocus.com/bid/28044
https://issues.rpath.com/browse/RPL-2255
https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00273.html

Products affected by CVE-2008-1078

Gentoo » Linux » Version: N/A

cpe:2.3:o:gentoo:linux:-
Gentoo » Linux » Version: 1.2

cpe:2.3:o:gentoo:linux:1.2
Gentoo » Linux » Version: 1.4

cpe:2.3:o:gentoo:linux:1.4
Gentoo » Linux » Version: 2.1.30

cpe:2.3:o:gentoo:linux:2.1.30
Gentoo » Linux » Version: 2.2.28

cpe:2.3:o:gentoo:linux:2.2.28
Gentoo » Linux » Version: 2.3.30

cpe:2.3:o:gentoo:linux:2.3.30
Rpath » Rpath Linux » Version: 1

cpe:2.3:o:rpath:rpath_linux:1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-1078

Products

Pricing

Contact Us