CVE-2008-4995

redirect.pl in bk2site 1.1.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/redirect.log temporary file. NOTE: this vulnerability is only limited to debug mode, which is disabled by default.

Date published : 2008-11-07

http://bugs.debian.org/496430

http://dev.gentoo.org/~rbu/security/debiantemp/bk2site