CVE-2008-5155 in smsclientinfo

Summary

mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/header.##### or (2) /tmp/body.##### temporary file, or append data to arbitrary files via a symlink attack on the (3) /tmp/sms.log temporary file.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

11/18/2008

Disclosure

11/18/2008

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-59 (Confirmed)

CVSS

9.8

EPSS

0.00157

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-5155
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-5155
CVE Details	https://www.cvedetails.com/cve/CVE-2008-5155/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!