CVE-2008-4440

NameCVE-2008-4440
DescriptionThe to-upgrade plugin in feta 1.4.16 allows local users to overwrite arbitrary files via a symlink on the (1) /tmp/feta.install.$USER and (2) /tmp/feta.avail.$USER temporary files.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1643-1
NVD severityhigh (attack range: local)
Debian Bugs496397

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
fetasource(unstable)1.4.16+nmu1low496397
fetasourceetch1.4.15+etch1highDSA-1643-1

Search for package or bug name: Reporting problems