CVE-2007-2838

Name of the Vulnerable Software and Affected Versions: GSAMBAD version 0.1.4

Description: The issue allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gsambadtmp temporary file. This can lead to disruption of confidentiality, integrity, and availability of protected information. The exploitation of this issue can be carried out by a local attacker.

Recommendations: For GSAMBAD version 0.1.4, consider restricting access to the populate conns function in src/populate conns.c to minimize the risk of exploitation. As a temporary workaround, avoid using the /tmp/gsambadtmp temporary file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.