CVE-2008-4476

sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sympa_aliases.$$ temporary file. NOTE: wwsympa.fcgi was also reported, but the issue occurred in a dead function, so it is not a vulnerability.
Configurations

Configuration 1

cpe:2.3:a:sympa:sympa:5.3.4:*:*:*:*:*:*:*

Information

Published : 2008-10-07 09:11

Updated : 2017-08-08 01:32


NVD link : CVE-2008-4476

Mitre link : CVE-2008-4476

Products Affected
No products.
CWE