CVE-2008-5394
published 2008-12-09
high 7.2 CVSS 3.1
AV:L/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | shadow | < shadow 1:4.1.1-6 (bookworm) | shadow 1:4.1.1-6 (bookworm) |
| debian | shadow | — | — |
| shadow_project | shadow | >= 0 < 1:4.1.1-6 | 1:4.1.1-6 |
| shadow_project | shadow | >= 0 < 1:4.1.1-6 | 1:4.1.1-6 |
| shadow_project | shadow | >= 0 < 1:4.1.1-6 | 1:4.1.1-6 |
| shadow_project | shadow | >= 0 < 1:4.1.1-6 | 1:4.1.1-6 |
CVSS provenance
| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd | 7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| osv | 7.2 | HIGH | — |