Symlink Vulnerability in Ampache Music Streaming Application
CVE-2008-3929

Currently unrated

Key Information:

Vendor

Ampache

Status
Ampache
Vendor
CVE Published:
4 September 2008

What is CVE-2008-3929?

The music streaming application, Ampache version 3.4.1, contains a vulnerability in the 'gather-messages.sh' script that allows local users to exploit symlink attacks. By manipulating the '/tmp/filelist' temporary file, an attacker can overwrite arbitrary files on the system, potentially compromising sensitive data and interrupting the application's functionality. It is crucial for users to be aware of this issue and apply the necessary mitigations to safeguard their installations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://security.gentoo.org/glsa/glsa-200812-22.xml
vendor-advisoryx_refsource_GENTOO
http://www.openwall.com/lists/oss-security/2008/10/30/2
mailing-listx_refsource_MLIST
http://dev.gentoo.org/~rbu/security/debiantemp/ampache
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.