CVE-2008-4936
EPSS 0.03%
Description
faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/faxsp.##### temporary file.
How to fix CVE-2008-4936
To remediate CVE-2008-4936, upgrade the affected package to a fixed version below.
- Debian/mgetty—upgrade to 1.1.36-1.3 or later
Is CVE-2008-4936 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.1.36-1.3