CVE-2008-4406

Publication date 3 October 2008

Last updated 24 July 2024


Ubuntu priority

A certain Debian patch to the run scripts for sabre (aka xsabre) 0.2.4b allows local users to delete or overwrite arbitrary files via a symlink attack on unspecified .tmp files.

Status

Package Ubuntu Release Status
sabre 8.10 intrepid
Not affected
8.04 LTS hardy
Fixed 0.2.4b-23ubuntu0.8.04.1
7.10 gutsy
Fixed 0.2.4b-23ubuntu0.7.10.1
7.04 feisty Ignored end of life, was needed
6.06 LTS dapper
Fixed 0.2.4b-21ubuntu0.1

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
sabre