VYPR
Unrated severityNVD Advisory· Published Dec 9, 2008· Updated Jun 16, 2026

CVE-2008-5394

CVE-2008-5394

Description

/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Debian/Shadow2 versions
    cpe:2.3:a:debian:shadow:4.0.18.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:debian:shadow:4.0.18.1:*:*:*:*:*:*:*
    • (no CPE)range: = 4.0.18.1

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.