CVE-2008-5302

Priority
Description
Race condition in the rmtree function in File::Path 1.08 and 2.07
(lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create
arbitrary setuid binaries via a symlink attack, a different vulnerability
than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a
regression error related to CVE-2005-0448. It is different from
CVE-2008-5303 due to affected versions.
Assigned-to
kees
Notes
Package
Source: perl (LP Ubuntu Debian)
Upstream:needs-triage
More Information

Updated: 2019-12-05 20:51:48 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)