First published: Thu Nov 06 2008(Updated: )
scratchbox2 1.99.0.24 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/dpkg.#####.tmp, (b) /tmp/missing_deps.#####, and (c) /tmp/sb2-pkg-chk.$tstamp.##### temporary files, related to the (1) dpkg-checkbuilddeps and (2) sb2-check-pkg-mappings scripts.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Freedesktop Scratchbox2 | =1.99.0.24 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.