Candidate: CVE-2008-4946
PublicDate: 2008-11-05 15:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4946
Description:
 convirt 0.8.2 allows local users to overwrite arbitrary files via a symlink
 attack on the /tmp/set_output temporary file, related to the (1)
 _template_/provision.sh, (2) Linux_CD_Install/provision.sh, (3)
 Fedora_PV_Install/provision.sh, (4) CentOS_PV_Install/provision.sh, (5)
 common/provision.sh, (6) example/provision.sh, and (7)
 Windows_CD_Install/provision.sh scripts in image_store/.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_convirt:
upstream_convirt: released (0.9.6-1)
dapper_convirt: DNE
gutsy_convirt: DNE
hardy_convirt: DNE
intrepid_convirt: needed (reached end-of-life)
jaunty_convirt: ignored (reached end-of-life)
karmic_convirt: not-affected (0.9.6-2)
lucid_convirt: not-affected
maverick_convirt: not-affected
devel_convirt: not-affected