CVE-2008-1078

Publication date 29 February 2008

Last updated 4 August 2025

Ubuntu priority

Description

expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
am-utils	7.10 gutsy	Not affected
	7.04 feisty	Not affected
	6.10 edgy	Not affected
	6.06 LTS dapper	Not affected

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

http://bugs.gentoo.org/show_bug.cgi?id=210158
https://www.cve.org/CVERecord?id=CVE-2008-1078

CVE-2008-1078

Description

Status

References

Other references

Access our resources on patching vulnerabilities