TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2008-3356

N/A

Beschreibung

verifydb in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and other Unix platforms sets the ownership or permissions of an iivdb.log file without verifying that it is the application's own log file, which allows local users to overwrite arbitrary files by creating a symlink with an iivdb.log filename.

CVE Details

CVSS v3.1 BewertungN/A
Veroffentlicht8/5/2008
Zuletzt geandert4/23/2026
Quellenvd
Honeypot-Sichtungen0

Betroffene Produkte

ingres:ingres

Schwachen (CWE)

CWE-264

Referenzen

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=731(cve@mitre.org)
http://secunia.com/advisories/31357(cve@mitre.org)
http://secunia.com/advisories/31398(cve@mitre.org)
http://securitytracker.com/id?1020613(cve@mitre.org)
http://www.ingres.com/support/security-alert-080108.php(cve@mitre.org)
http://www.securityfocus.com/archive/1/495177/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/bid/30512(cve@mitre.org)
http://www.vupen.com/english/advisories/2008/2292(cve@mitre.org)
http://www.vupen.com/english/advisories/2008/2313(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44177(cve@mitre.org)
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989(cve@mitre.org)
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=731(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31357(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31398(af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1020613(af854a3a-2127-422b-91ae-364da2661108)
http://www.ingres.com/support/security-alert-080108.php(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/495177/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/30512(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/2292(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/2313(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44177(af854a3a-2127-422b-91ae-364da2661108)
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.