CVE-2008-2958

medium

Description

Race condition in (1) checkinstall 1.6.1 and (2) installwatch allows local users to overwrite arbitrary files and have other impacts via symlink and possibly other attacks on temporary working directories.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/43440

http://secunia.com/advisories/30873

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=488140

Details

Source: Mitre, NVD

Published: 2008-07-01

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.4

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 4.7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Severity: Medium

EPSS

EPSS: 0.00051