CVE-2008-2958 Information

Description

Race condition in (1) checkinstall 1.6.1 and (2) installwatch allows local users to overwrite arbitrary files and have other impacts via symlink and possibly other attacks on temporary working directories.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=488140 http://lists.alioth.debian.org/pipermail/secure-testing-team/2008-June/001672.html http://secunia.com/advisories/30873 https://exchange.xforce.ibmcloud.com/vulnerabilities/43440