Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 7 Oct 2008 17:05:13 -0400 (EDT)
From: "Steven M. Christey" <>
Subject: Re: CVE id request: mon

Name: CVE-2008-4477
Status: Candidate
Reference: MLIST:[debian-devel] 20080812 Re: Possible mass bug filing: The possibility of attack with the help of symlinks in some Debian packages
Reference: URL:
Reference: CONFIRM:

alert.d/test.alert in mon 0.99.2 allows local users to overwrite
arbitrary files via a symlink attack on the test.alert.log temporary

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.