PT-2008-5650 · Sabre · Sabre

Kilian

Published

2008-10-03

Updated

2008-11-15

CVE-2008-4407

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: sabre (aka xsabre) version 0.2.4b

Description: The issue allows local users to cause a denial of service, resulting in application unavailability. This occurs because the application relies on the ability to create a /tmp/sabre.log file, which can be exploited by creating a file that cannot be overwritten.

Recommendations: For sabre (aka xsabre) version 0.2.4b, consider restricting access to the /tmp directory to prevent unauthorized creation of the sabre.log file as a temporary workaround.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2008-4407

Affected Products

Sabre

PT-2008-5650 · Sabre · Sabre

CVE-2008-4407

Related Identifiers

Affected Products

References · 3