CVE-2008-2958
Published: 1 July 2008
Race condition in (1) checkinstall 1.6.1 and (2) installwatch allows local users to overwrite arbitrary files and have other impacts via symlink and possibly other attacks on temporary working directories.
Priority
Status
Package | Release | Status |
---|---|---|
checkinstall Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
feisty |
Ignored
(end of life, was needed)
|
|
gutsy |
Ignored
(end of life, was needed)
|
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Not vulnerable
(1.6.1-7ubuntu1)
|
|
jaunty |
Not vulnerable
(1.6.1-7ubuntu1)
|
|
karmic |
Not vulnerable
(1.6.1-7ubuntu1)
|
|
lucid |
Not vulnerable
(1.6.1-7ubuntu1)
|
|
maverick |
Not vulnerable
(1.6.1-7ubuntu1)
|
|
natty |
Not vulnerable
(1.6.1-7ubuntu1)
|
|
oneiric |
Not vulnerable
(1.6.1-7ubuntu1)
|
|
upstream |
Released
(1.6.1-7)
|