CVE-2008-4108
published 2008-09-18
CVE-2008-4108: Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack…
Priority P423 · high · 7.2 · CVSS 2.0
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS: 0.38% (29.7th percentile)
Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack on a tmp$RANDOM.tmp temporary file. NOTE: there may not be common usage scenarios in which tmp$RANDOM.tmp is located in an untrusted directory.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | python-defaults | — | — |
| python_software_foundation | python | — | — |
CVSS provenance
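| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| osv | | 7.2 | HIGH | |
| vendor_debian | | 7.2 | LOW | |
| vendor_redhat | | 7.2 | HIGH | |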
Red Hat
python: Generic FAQ wizard moving tool insecure auxiliary /tmp file usage (symlink attack possible)
vendor_redhat·2008-09-14·CVSS 7.2
Statement: Not vulnerable. This issue did not affect the versions of python as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.
Debian
CVE-2008-4108: python-defaults - Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2...
vendor_debian·2008·CVSS 7.2
Scope: local
bullseye: open
GHSA
GHSA-j88g-9fp9-644j: Tools/faqwiz/move-faqwiz
ghsa_unreviewed·2022-05-02
CVE-2008-4108 [HIGH] CWE-59 GHSA-j88g-9fp9-644j: Tools/faqwiz/move-faqwiz
OSV
CVE-2008-4108: Tools/faqwiz/move-faqwiz
osv·2008-09-18·CVSS 7.2
No detection rules found.
No public exploits indexed.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498899
http://marc.info/?l=oss-security&m=122148330903513&w=2
http://marc.info/?l=oss-security&m=122152861617434&w=2
http://securityreason.com/securityalert/4274
http://www.securityfocus.com/bid/31184
http://www.securitytracker.com/id?1020904
http://www.vupen.com/english/advisories/2008/2659
https://bugzilla.redhat.com/show_bug.cgi?id=462326
https://exchange.xforce.ibmcloud.com/vulnerabilities/45161
Published: 2008-09-18