CVE-2008-1078

Name of the Vulnerable Software and Affected Versions am-utils versions prior to 6.1.5

Description The issue affects the am-utils package in Gentoo Linux and potentially other distributions, allowing local users to exploit it and compromise the confidentiality, integrity, and availability of protected information. This can be achieved through a symlink attack on temporary files, specifically targeting the expn[PID] file, enabling local users to overwrite arbitrary files.

Recommendations For versions prior to 6.1.5, update to version 6.1.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the expn function to minimize the risk of exploitation.