CVE-2008-5302 (retired)

Priority
Description
Race condition in the rmtree function in File::Path 1.08 and 2.07
(lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create
arbitrary setuid binaries via a symlink attack, a different vulnerability
than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a
regression error related to CVE-2005-0448. It is different from
CVE-2008-5303 due to affected versions.
Assigned-to
kees
Package
Source: perl (LP Ubuntu Debian)
Upstream:needs-triage
More Information

Updated: 2019-03-26 11:46:04 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)