CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-5366

The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/probe-finished or (2) /tmp/ppp-errors temporary file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 4.8%

CVSS Severity

CVSS v2 Score 6.9

References

http://lists.debian.org/debian-devel/2008/08/msg00283.html
http://www.securityfocus.com/bid/32740
http://lists.debian.org/debian-devel/2008/08/msg00283.html
http://www.securityfocus.com/bid/32740

Products affected by CVE-2008-5366

Marco D'itri » Ppp » Version: 2.4.4

cpe:2.3:a:marco_d'itri:ppp:2.4.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-5366

Products

Pricing

Contact Us