CVE Record: CVE-2008-4475

alert

Notice: Keyword searching of CVE Records is now available in the search box above. Keywords may include a CVE ID (e.g., CVE-2024-1234), or one or more keywords separated by a space (e.g., authorization, SQL Injection, cross site scripting, etc.). Learn more here.

alert

Notice: Keyword searching of CVE Records is now available in the search box above. Keywords may include a CVE ID (e.g., CVE-2024-1234), or one or more keywords separated by a space (e.g., authorization, SQL Injection, cross site scripting, etc.). Learn more here.

Expand or collapse notification button

Required CVE Record Information

Description

ibackup 2.27 allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Product Status

Information not provided

References 7 Total

Updated: 2024-08-07

This container includes required additional information provided by the CVE Program for this vulnerability.

References 7 Total

openwall.com: [oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire
external site
mailing-listx_transferred
https://bugs.gentoo.org/show_bug.cgi?id=235770
external site
x_transferred
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496464
external site
x_transferred
http://dev.gentoo.org/~rbu/security/debiantemp/ibackup
external site
x_transferred
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496432
external site
x_transferred
exchange.xforce.ibmcloud.com: ibackup-unspecified-symlink(45852)
external site
vdb-entryx_transferred
lists.debian.org: [debian-devel] 20080811 Possible mass bug filing: The possibility of attack with the help of symlinks in some Debian packages
external site
mailing-listx_transferred