CVE-2008-4941

NameCVE-2008-4941
Descriptionarb-common 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/arb_fdnaml_*, (b) /tmp/arb_pids_*, (c) /tmp/arbdsmz.html, and (d) /tmp/arbdsmz.htm temporary files, related to the (1) arb_fastdnaml and (2) dszmconnect.pl scripts.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs496396

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
arb (PTS)bullseye/non-free6.0.6-4fixed
bookworm/non-free6.0.6-5fixed
sid/non-free, trixie/non-free6.0.6-8fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
arbsource(unstable)0.0.20071207.1-5low496396
Search for package or bug name: Reporting problems