Unrated severityNVD Advisory· Published Jul 1, 2008· Updated Apr 23, 2026

CVE-2008-2958

Description

Race condition in (1) checkinstall 1.6.1 and (2) installwatch allows local users to overwrite arbitrary files and have other impacts via symlink and possibly other attacks on temporary working directories.

Affected products

Checkinstall/Checkinstall
cpe:2.3:a:checkinstall:checkinstall:1.6.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.alioth.debian.org/pipermail/secure-testing-team/2008-June/001672.htmlnvdExploit
secunia.com/advisories/30873nvdVendor Advisory
bugs.debian.org/cgi-bin/bugreport.cginvd
exchange.xforce.ibmcloud.com/vulnerabilities/43440nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000