CVE-2008-5374
published 2008-12-08CVE-2008-5374: bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb#####.? temporary file, related to the (1) aliasconv.sh, (2)…
medium6.9CVSS 3.1
AVLACMAuNCCICAC
bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb#####.? temporary file, related to the (1) aliasconv.sh, (2) aliasconv.bash, and (3) cshtobash scripts.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | bash | < bash 4.0-2 (bookworm) | bash 4.0-2 (bookworm) |
| gnu | bash | >= 0 < 4.0-2 | 4.0-2 |
| gnu | bash | >= 0 < 4.0-2 | 4.0-2 |
| gnu | bash | >= 0 < 4.0-2 | 4.0-2 |
| gnu | bash | >= 0 < 4.0-2 | 4.0-2 |
| matthias_klose | bash-doc | — | — |
CVSS provenance
nvd6.9MEDIUMAV:L/AC:M/Au:N/C:C/I:C/A:C
osv6.9MEDIUM