CVE-2008-4108 (retired)

Priority
Description
Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in
Python 2.4.5 might allow local users to overwrite arbitrary files via a
symlink attack on a tmp$RANDOM.tmp temporary file. NOTE: there may not be
common usage scenarios in which tmp$RANDOM.tmp is located in an untrusted
directory.
Notes
 mdeslaur> example script only
 jdstrand> shipped in /usr/share/doc/python2.[45]/examples in 8.04
Assigned-to
jdstrand
Package
Upstream:released
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Package
Upstream:released
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Package
Upstream:released
Ubuntu 12.04 ESM (Precise Pangolin):DNE
More Information

Updated: 2019-03-26 11:45:08 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)