Vulnerability Details : CVE-2008-4936
faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/faxsp.##### temporary file.
Exploit prediction scoring system (EPSS) score for CVE-2008-4936
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2008-4936
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
[email protected] |
CWE ids for CVE-2008-4936
-
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.Assigned by: [email protected] (Primary)
Vendor statements for CVE-2008-4936
-
Red Hat 2008-11-06Not vulnerable. This issue did not affect the versions of mgetty as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5, as they include patch that resolves this issue.
-
Mandriva 2008-12-09This issue was fixed on May 5, 2003 for all Mandriva Linux products.
-
http://www.securityfocus.com/bid/30927
-
https://bugs.gentoo.org/show_bug.cgi?id=235806
- https://bugs.gentoo.org/show_bug.cgi?id=235770
-
http://dev.gentoo.org/~rbu/security/debiantemp/mgetty-fax
Exploit
-
http://security.gentoo.org/glsa/glsa-200812-08.xml
- http://www.openwall.com/lists/oss-security/2008/10/30/2
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/44833
- http://uvw.ru/report.lenny.txt
-
http://bugs.debian.org/496403
- cpe:2.3:a:gert_doering:mgetty:1.1.36:*:*:*:*:*:*:*