CVE-2008-4476
EPSS 0.02%發布日:2008/10/7修改日:2026/4/28
描述
sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sympa_aliases.$$ temporary file. NOTE: wwsympa.fcgi was also reported, but the issue occurred in a dead function, so it is not a vulnerability.
受影響套件(1)
- Debian/sympafrom 0, < 5.3.4-5.1