VDB
CVE-2008-1078
CVE-2008-1078
PUBLISHED
CVSS 7.199999809265137 HIGH
expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1.
EPSS 0.03% · 9.5th percentile
Risk Scores
CVSS 2.0
7.199999809265137
EPSS Score
0.03%
9.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| rpath | rpath_linux | |
| gentoo | linux |
Timeline
- Feb 29, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- FEDORA-2008-10755 vendor-advisory
- http://bugs.gentoo.org/show_bug.cgi?id=210158 url
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0088 url
- 29144 third-party-advisory
- 29694 third-party-advisory
- 20080228 rPSA-2008-0088-1 am-utils mailing-list
- https://issues.rpath.com/browse/RPL-2255 url
- 29187 third-party-advisory
- 28044 vdb
- GLSA-200804-09 vendor-advisory
- 33400 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2008-1078 advisory