Vulnerability Details CVE-2008-4553
qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.9%
CVSS Severity
CVSS v2 Score 7.2
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496394
- http://dev.gentoo.org/~rbu/security/debiantemp/qemu
- http://secunia.com/advisories/32335
- http://uvw.ru/report.lenny.txt
- http://www.debian.org/security/2008/dsa-1657
- http://www.openwall.com/lists/oss-security/2008/10/13/2
- http://www.openwall.com/lists/oss-security/2008/10/14/4
- http://www.openwall.com/lists/oss-security/2008/10/30/2
- http://www.securityfocus.com/bid/30931
- https://bugs.gentoo.org/show_bug.cgi?id=235770
- https://bugs.gentoo.org/show_bug.cgi?id=235826
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44831
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496394
- http://dev.gentoo.org/~rbu/security/debiantemp/qemu
- http://secunia.com/advisories/32335
- http://uvw.ru/report.lenny.txt
- http://www.debian.org/security/2008/dsa-1657
- http://www.openwall.com/lists/oss-security/2008/10/13/2
- http://www.openwall.com/lists/oss-security/2008/10/14/4
- http://www.openwall.com/lists/oss-security/2008/10/30/2
- http://www.securityfocus.com/bid/30931
- https://bugs.gentoo.org/show_bug.cgi?id=235770
- https://bugs.gentoo.org/show_bug.cgi?id=235826
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44831
Products affected by CVE-2008-4553
-
cpe:2.3:a:qemu:qemu:0.9.1-5
-
cpe:2.3:o:debian:debian_linux:-
-
cpe:2.3:o:debian:debian_linux:0.9.1
-
cpe:2.3:o:debian:debian_linux:0.9.2
-
cpe:2.3:o:debian:debian_linux:0.9.3
-
cpe:2.3:o:debian:debian_linux:0.9.4
-
cpe:2.3:o:debian:debian_linux:0.93
-
cpe:2.3:o:debian:debian_linux:1.1
-
cpe:2.3:o:debian:debian_linux:1.2
-
cpe:2.3:o:debian:debian_linux:1.3
-
cpe:2.3:o:debian:debian_linux:1.3.1
-
cpe:2.3:o:debian:debian_linux:10
-
cpe:2.3:o:debian:debian_linux:10.0
-
cpe:2.3:o:debian:debian_linux:11.0
-
cpe:2.3:o:debian:debian_linux:12.0
-
cpe:2.3:o:debian:debian_linux:13.0
-
cpe:2.3:o:debian:debian_linux:2.0
-
cpe:2.3:o:debian:debian_linux:2.0.34
-
cpe:2.3:o:debian:debian_linux:2.0.5
-
cpe:2.3:o:debian:debian_linux:2.1
-
cpe:2.3:o:debian:debian_linux:2.1.8.8.p3-1.1
-
cpe:2.3:o:debian:debian_linux:2.2
-
cpe:2.3:o:debian:debian_linux:2.3
-
cpe:2.3:o:debian:debian_linux:2.5.2-1
-
cpe:2.3:o:debian:debian_linux:2.5.3-16
-
cpe:2.3:o:debian:debian_linux:2.5.3-3
-
cpe:2.3:o:debian:debian_linux:3.0
-
cpe:2.3:o:debian:debian_linux:3.0.18
-
cpe:2.3:o:debian:debian_linux:3.0.23
-
cpe:2.3:o:debian:debian_linux:3.1
-
cpe:2.3:o:debian:debian_linux:3.2.4
-
cpe:2.3:o:debian:debian_linux:4.0
-
cpe:2.3:o:debian:debian_linux:5.0
-
cpe:2.3:o:debian:debian_linux:5.0.9
-
cpe:2.3:o:debian:debian_linux:6.0
-
cpe:2.3:o:debian:debian_linux:6.0.14
-
cpe:2.3:o:debian:debian_linux:6.2
-
cpe:2.3:o:debian:debian_linux:7.0
-
cpe:2.3:o:debian:debian_linux:7.1
-
cpe:2.3:o:debian:debian_linux:8.0
-
cpe:2.3:o:debian:debian_linux:9.0
-
cpe:2.3:o:debian:debian_linux:9.2