Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2008-5302

Published: 1 December 2008

Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions.

Priority

Medium

Status

Package Release Status
perl
Launchpad, Ubuntu, Debian
upstream Needs triage

dapper Not vulnerable
(5.8.7-10ubuntu1.1)
gutsy
Released (5.8.8-7ubuntu3.4)
hardy
Released (5.8.8-12ubuntu0.3)
intrepid
Released (5.10.0-11.1ubuntu2.2)