CVE-2008-4967

Name of the Vulnerable Software and Affected Versions linuxtrade version 3.65

Description The issue allows local users to overwrite arbitrary files via a symlink attack on the /tmp/bwk, /tmp/zzz, and /tmp/ggg temporary files. This is related to the linuxtrade.bwkvol, linuxtrade.wn, and moneyam.helper scripts.

Recommendations For linuxtrade version 3.65, consider restricting access to the temporary files /tmp/bwk, /tmp/zzz, and /tmp/ggg to prevent a symlink attack. Additionally, review the scripts linuxtrade.bwkvol, linuxtrade.wn, and moneyam.helper to ensure they handle temporary files securely.