Launchpad.net

CVE 2008-0666

Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by wml_contrib/wmg.cgi and (2) temporary files used by wml_backend/p3_eperl/eperl_sys.c.

Related bugs and status

CVE-2008-0666 (Candidate) is related to these bugs:

Bug #191205: [wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files

		In	Importance	Status
191205	[wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files	wml (Ubuntu)	Low	Fix Released
191205	[wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files	wml (Debian)	Unknown	Fix Released
191205	[wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files	wml (Ubuntu Gutsy)	Low	Fix Released
191205	[wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files	wml (Ubuntu Feisty)	Low	Fix Released
191205	[wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files	wml (Ubuntu Edgy)	Low	Fix Released
191205	[wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files	wml (Ubuntu Dapper)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://bugs.debian.org...
SECUNIA: 28856
DEBIAN: DSA-1492
BID: 27685
SECUNIA: 28829
GENTOO: GLSA-200803-23
SECUNIA: 29353
MANDRIVA: MDVSA-2008:076