CVE-2008-4996 in initramfs-toolsinfo

Summary

** DISPUTED ** init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor disputes this vulnerability, stating that "init is [used in] a single-user context; there s no possibility that this is exploitable."

Once again VulDB remains the best source for vulnerability data.

Reservation

11/07/2008

Disclosure

11/07/2008

Moderation

VulDB entry created

Entries

1: VDB-44934

CPE

ready

CWE

CWE-59 (Confirmed)

CVSS

7.0

EPSS

0.00108

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-4996
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-4996
CVE Details	https://www.cvedetails.com/cve/CVE-2008-4996/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!