Unrated severityNVD Advisory· Published Dec 9, 2008· Updated Apr 23, 2026

CVE-2008-5394

Description

/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry.

Affected products

Debian/Shadow
cpe:2.3:a:debian:shadow:4.0.18.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugs.debian.org/332198nvd
bugs.debian.org/505071nvd
bugs.debian.org/505271nvd
osvdb.org/52200nvd
security.gentoo.org/glsa/glsa-200903-24.xmlnvd
securityreason.com/securityalert/4695nvd
www.mandriva.com/security/advisoriesnvd
www.securityfocus.com/archive/1/498769/100/0/threadednvd
www.securityfocus.com/bid/32552nvd
www.ubuntu.com/usn/usn-695-1nvd
exchange.xforce.ibmcloud.com/vulnerabilities/47037nvd
www.exploit-db.com/exploits/7313nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000