Candidate: CVE-2008-5312
PublicDate: 2008-12-03 17:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5312
Description:
 mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local
 users to overwrite arbitrary files via a symlink attack on certain
 temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate,
 (3) panda-autoupdate.new, (4) trend-autoupdate.new, and (5)
 rav-autoupdate.new scripts in /etc/MailScanner/autoupdate/, a different
 vulnerability than CVE-2008-5140.
Ubuntu-Description:
Notes:
 kees> same as CVE-2008-5313?
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_mailscanner:
upstream_mailscanner: released (4.74.16-1)
dapper_mailscanner: ignored (reached end-of-life)
gutsy_mailscanner: needs-triage (reached end-of-life)
hardy_mailscanner: ignored (reached end-of-life)
intrepid_mailscanner: needs-triage (reached end-of-life)
jaunty_mailscanner: not-affected (4.74.16-1)
karmic_mailscanner: not-affected
lucid_mailscanner: not-affected
maverick_mailscanner: not-affected
natty_mailscanner: not-affected
oneiric_mailscanner: DNE
devel_mailscanner: DNE