CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-5155

mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/header.##### or (2) /tmp/body.##### temporary file, or append data to arbitrary files via a symlink attack on the (3) /tmp/sms.log temporary file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.3%

CVSS Severity

CVSS v2 Score 9.3

References

http://lists.debian.org/debian-devel/2008/08/msg00347.html
http://uvw.ru/report.sid.txt
http://www.securityfocus.com/bid/32405
http://lists.debian.org/debian-devel/2008/08/msg00347.html
http://uvw.ru/report.sid.txt
http://www.securityfocus.com/bid/32405

Products affected by CVE-2008-5155

Smsclient » Smsclient » Version: 2.0.8z

cpe:2.3:a:smsclient:smsclient:2.0.8z

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-5155

Products

Pricing

Contact Us