mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 09:12:08 +00:00
827 B
827 B
CVE-2008-5394
Description
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry.
POC
Reference
- http://bugs.debian.org/505071
- http://bugs.debian.org/505271
- http://securityreason.com/securityalert/4695
- https://www.exploit-db.com/exploits/7313
Github
No PoCs found on GitHub currently.