Date: Tue, 7 Oct 2008 17:05:13 -0400 (EDT) From: "Steven M. Christey" <coley@...us.mitre.org> To: oss-security@...ts.openwall.com cc: coley@...re.org Subject: Re: CVE id request: mon ====================================================== Name: CVE-2008-4477 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4477 Reference: MLIST:[debian-devel] 20080812 Re: Possible mass bug filing: The possibility of attack with the help of symlinks in some Debian packages Reference: URL:http://lists.debian.org/debian-devel/2008/08/msg00312.html Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496398 alert.d/test.alert in mon 0.99.2 allows local users to overwrite arbitrary files via a symlink attack on the test.alert.log temporary file.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.