Unrated severityNVD Advisory· Published Sep 15, 2008· Updated Apr 23, 2026
CVE-2008-4085
CVE-2008-4085
Description
plaiter in Plait before 1.6 allows local users to overwrite arbitrary files via a symlink attack on (1) cut.$$, (2) head.$$, (3) awk.$$, and (4) ps.$$ temporary files in /tmp/.
Affected products
20cpe:2.3:a:stephenjungels:plait:*:*:*:*:*:*:*:*+ 19 more
- cpe:2.3:a:stephenjungels:plait:*:*:*:*:*:*:*:*range: <=1.5.2
- cpe:2.3:a:stephenjungels:plait:0.50:*:*:*:*:*:*:*
- cpe:2.3:a:stephenjungels:plait:0.51:*:*:*:*:*:*:*
- cpe:2.3:a:stephenjungels:plait:0.52:*:*:*:*:*:*:*
- cpe:2.3:a:stephenjungels:plait:0.53:*:*:*:*:*:*:*
- cpe:2.3:a:stephenjungels:plait:0.54:*:*:*:*:*:*:*
- cpe:2.3:a:stephenjungels:plait:0.55:*:*:*:*:*:*:*
- cpe:2.3:a:stephenjungels:plait:0.55.1:*:*:*:*:*:*:*
- cpe:2.3:a:stephenjungels:plait:0.55.2:*:*:*:*:*:*:*
- cpe:2.3:a:stephenjungels:plait:0.99:*:*:*:*:*:*:*
- cpe:2.3:a:stephenjungels:plait:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:stephenjungels:plait:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:stephenjungels:plait:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:stephenjungels:plait:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:stephenjungels:plait:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:stephenjungels:plait:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:stephenjungels:plait:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:stephenjungels:plait:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:stephenjungels:plait:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:stephenjungels:plait:1.5.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- sourceforge.net/project/shownotes.phpnvdPatch
- secunia.com/advisories/31617nvdVendor Advisory
- bugs.debian.org/cgi-bin/bugreport.cginvd
- dev.gentoo.org/~rbu/security/debiantemp/plaitnvd
- www.openwall.com/lists/oss-security/2008/10/30/2nvd
- www.securityfocus.com/bid/30928nvd
- bugs.gentoo.org/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/44786nvd
News mentions
0No linked articles in our index yet.