Symlink Vulnerability in aptlinex Allows File Overwrite by Local Users
CVE-2008-1901

Currently unrated

Key Information:

Vendor: Debian
Status: Aptlinex
Vendor: CVE Published:; 22 April 2008

Summary

The vulnerability in aptlinex versions prior to 0.91 allows local users to exploit a symlink attack on the gambas-apt.lock temporary file, potentially leading to the overwriting of arbitrary files. Attackers can create a symlink from the gambas-apt.lock file to any desired target file, thereby compromising system integrity and leading to unauthorized file modifications.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/41956

vdb-entryx_refsource_XF

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476588

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 22, 2008
Vulnerability Reserved
Apr 21, 2008