CVE 2008-5138

passwdehd in libpam-mount 0.43 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/passwdehd.##### temporary file.

Related bugs and status

CVE-2008-5138 (Candidate) is related to these bugs:

Bug #179894: passwd, pam_mount, and LUKS/dm_crypt need better integration

Summary				In	Importance	Status
	179894	passwd, pam_mount, and LUKS/dm_crypt need better integration		cryptsetup (Ubuntu)	Wishlist	Confirmed

See the

CVE page on Mitre.org for more details.