Candidate: CVE-2008-5394
PublicDate: 2008-12-09 00:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5394
 https://ubuntu.com/security/notices/USN-695-1
Description:
 /bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux
 distributions, allows local users in the utmp group to overwrite arbitrary
 files via a symlink attack on a temporary file referenced in a line (aka
 ut_line) field in a utmp entry.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_shadow:
upstream_shadow: released (1:4.1.1-6)
dapper_shadow: released (1:4.0.13-7ubuntu3.4)
gutsy_shadow: released (1:4.0.18.1-9ubuntu0.2)
hardy_shadow: released (1:4.0.18.2-1ubuntu2.2)
intrepid_shadow: released (1:4.1.1-1ubuntu1.2)
devel_shadow: released (1:4.1.1-6ubuntu1)