{"id":"CVE-2008-4968","details":"The (1) rccs and (2) STUFF scripts in lmbench 3.0-a7 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/sdiff.##### temporary file.","modified":"2026-04-10T03:40:18.134812Z","published":"2008-11-06T15:55:51Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/32587"},{"type":"EVIDENCE","url":"http://dev.gentoo.org/~rbu/security/debiantemp/lmbench"},{"type":"WEB","url":"http://bugs.debian.org/496427"},{"type":"WEB","url":"http://uvw.ru/report.lenny.txt"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2008/10/30/2"},{"type":"WEB","url":"http://www.securityfocus.com/bid/30913"},{"type":"WEB","url":"https://bugs.gentoo.org/show_bug.cgi?id=235770"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44828"}],"schema_version":"1.7.5"}