CVE-2008-4994

Name of the Vulnerable Software and Affected Versions xmcd version 2.6

Description The issue allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.*pid temporary file, which is related to the ncsarmt and ncsawrap scripts in xmcd.

Recommendations For version 2.6, consider restricting access to the ncsarmt and ncsawrap scripts to prevent exploitation until a patch is available. As a temporary workaround, monitor and restrict the creation of symlinks on /tmp/Mosaic.*pid temporary files to minimize the risk of arbitrary file overwrites.