CVE-2008-4440

NameCVE-2008-4440
DescriptionThe to-upgrade plugin in feta 1.4.16 allows local users to overwrite arbitrary files via a symlink on the (1) /tmp/feta.install.$USER and (2) /tmp/feta.avail.$USER temporary files.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-1643-1
Debian Bugs496397

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
fetasourceetch1.4.15+etch1DSA-1643-1
fetasource(unstable)1.4.16+nmu1low496397

Search for package or bug name: Reporting problems