Local File Overwrite Vulnerability in noip2 by No-IP
CVE-2008-5369

Currently unrated

Key Information:

Vendor: No-ip
Status: No-ip2
Vendor: CVE Published:; 8 December 2008

What is CVE-2008-5369?

The noip2 version 2.1.7 is vulnerable to a local file overwrite attack due to improper handling of temporary files located in /tmp. This flaw allows local users to create symbolic links that circumvent file permission restrictions, enabling them to overwrite arbitrary files on the system. This could lead to unauthorized access or modification of sensitive data, highlighting the importance of adhering to security best practices when handling temporary files.

References

http://lists.debian.org/debian-devel/2008/08/msg00283.html

mailing-listx_refsource_MLIST

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 8, 2008

No-ip

What is CVE-2008-5369?

References

Timeline