CVE-2008-5394
EPSS 0.08%shadow - privilege escalation
發布日:2008/12/9修改日:2026/4/28
描述
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry.
受影響套件(2)
- Debian/shadowfrom 0, < 1:4.1.1-6
- Debian/shadowfrom 0, < 1:4.0.18.1-7+etch1