CVE-2008-2266 - Vulnerability Details - OpenCVE

uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Nzbget	Nzbget
Uudeview	Uudeview

Configuration 1 [-]

OR	cpe:2.3:a:nzbget:nzbget::::::::
	cpe:2.3:a:nzbget:nzbget:0.1.0a:::::::*
	cpe:2.3:a:nzbget:nzbget:0.1.1:::::::*
	cpe:2.3:a:nzbget:nzbget:0.1.2:::::::*
	cpe:2.3:a:nzbget:nzbget:0.2.0:::::::*
	cpe:2.3:a:nzbget:nzbget:0.2.1:::::::*
	cpe:2.3:a:uudeview:uudeview:0.5.20:::::::*

No data.

References

Link	Providers
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972
http://secunia.com/advisories/30171
http://secunia.com/advisories/31420
http://security.gentoo.org/glsa/glsa-200808-11.xml
http://www.openwall.com/lists/oss-security/2008/05/14/10
http://www.openwall.com/lists/oss-security/2008/05/30/1
http://www.securityfocus.com/bid/29211
https://exchange.xforce.ibmcloud.com/vulnerabilities/42407

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-05-16T06:54:00

Updated: 2024-08-07T08:58:02.330Z

Reserved: 2008-05-16T00:00:00

Link: CVE-2008-2266

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2008-05-16T12:54:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2008-2266

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-05-12T00:00:00", "descriptions": [{"lang": "en", "value": "uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "GLSA-200808-11", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200808-11.xml"}, {"tags": ["x_refsource_MISC"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972"}, {"name": "31420", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31420"}, {"name": "30171", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30171"}, {"name": "[oss-security] 20080514 Re: CVE id request: uudeview", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2008/05/14/10"}, {"name": "29211", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/29211"}, {"name": "uudeview-tempnam-symlink(42407)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42407"}, {"name": "[oss-security] 20080530 Re: CVE id request: uudeview", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2008/05/30/1"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-2266", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "GLSA-200808-11", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200808-11.xml"}, {"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972", "refsource": "MISC", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972"}, {"name": "31420", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31420"}, {"name": "30171", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30171"}, {"name": "[oss-security] 20080514 Re: CVE id request: uudeview", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2008/05/14/10"}, {"name": "29211", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29211"}, {"name": "uudeview-tempnam-symlink(42407)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42407"}, {"name": "[oss-security] 20080530 Re: CVE id request: uudeview", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2008/05/30/1"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:58:02.330Z"}, "title": "CVE Program Container", "references": [{"name": "GLSA-200808-11", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200808-11.xml"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972"}, {"name": "31420", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31420"}, {"name": "30171", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30171"}, {"name": "[oss-security] 20080514 Re: CVE id request: uudeview", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2008/05/14/10"}, {"name": "29211", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/29211"}, {"name": "uudeview-tempnam-symlink(42407)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42407"}, {"name": "[oss-security] 20080530 Re: CVE id request: uudeview", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2008/05/30/1"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-2266", "datePublished": "2008-05-16T06:54:00", "dateReserved": "2008-05-16T00:00:00", "dateUpdated": "2024-08-07T08:58:02.330Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nzbget:nzbget:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F0E718E-22D6-4C6F-AD52-8ABEC11ADE9E", "versionEndIncluding": "0.2.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:nzbget:nzbget:0.1.0a:*:*:*:*:*:*:*", "matchCriteriaId": "9F64E6FB-0130-468F-B4CD-40980F72CAC4", "vulnerable": true}, {"criteria": "cpe:2.3:a:nzbget:nzbget:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "6F0AB021-5192-41B7-AC3A-991EFF70D6D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:nzbget:nzbget:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "376DBF2C-76EC-4B01-82B6-C6178254F764", "vulnerable": true}, {"criteria": "cpe:2.3:a:nzbget:nzbget:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "707996F6-E50E-4D68-872E-8305E16D37DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:nzbget:nzbget:0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "BD5DE978-1657-449A-9BFB-41CF18AB219A", "vulnerable": true}, {"criteria": "cpe:2.3:a:uudeview:uudeview:0.5.20:*:*:*:*:*:*:*", "matchCriteriaId": "FD07DA0F-7E63-4166-A833-ED51DEFFC939", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression."}, {"lang": "es", "value": "En la biblioteca uulib/uunconc.c en UUDeview versi\u00f3n 0.5.20, como es usado en nzbget versiones anteriores a 0.3.0 y posiblemente en otros productos, permite a usuarios locales sobrescribir archivos arbitrarios por medio de un ataque de tipo symlink sobre un nombre de archivo temporal generado por la funci\u00f3n tempnam. NOTA: este puede ser una regresi\u00f3n de CVE-2004-2265."}], "id": "CVE-2008-2266", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-05-16T12:54:00.000", "references": [{"source": "cve@mitre.org", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30171"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/31420"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200808-11.xml"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2008/05/14/10"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2008/05/30/1"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/29211"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42407"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30171"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/31420"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200808-11.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2008/05/14/10"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2008/05/30/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/29211"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42407"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}]}