Vulnerability Name: CVE-2008-4474 (CCN-44814)

Assigned: 2008-08-24
Published: 2008-08-24
Updated: 2009-02-06
Summary: freeradius-dialupadmin in freeradius 2.0.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files in (1) backup_radacct, (2) clean_radacct, (3) monthly_tot_stats, (4) tot_stats, and (5) truncate_radacct.

CVSS v3 Severity: 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
  Exploitability Metrics:
    Attack Vector (AV): Local
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
  Scope:
    Scope (S): Unchanged
  Impact Metrics:
    Confidentiality (C): None
    Integrity (I): Low
    Availability (A): None

CVSS v2 Severity: 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
6.2 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:H/RL:OF/RC:C)
  Exploitability Metrics:
    Access Vector (AV): Local
    Access Complexity (AC): Low
    Authentication (Au): None
  Impact Metrics:
    Confidentiality (C): Complete
    Integrity (I): Complete
    Availability (A): Complete

1.9 Low (CCN CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
  Exploitability Metrics:
    Access Vector (AV): Local
    Access Complexity (AC): Medium
    Authentication (Au): None
  Impact Metrics:
    Confidentiality (C): None
    Integrity (I): Partial
    Availability (A): None

Vulnerability Type: CWE-59
Vulnerability Consequences: File Manipulation

References:

Source: CCN
Type: Debian Bug report logs - #496389
The possibility of attack with the help of symlinks in some Debian packages

Source: CONFIRM
Type: UNKNOWN
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496389

Source: MITRE
Type: CNA
CVE-2008-4474

Source: CONFIRM
Type: UNKNOWN
http://dev.gentoo.org/~rbu/security/debiantemp/freeradius-dialupadmin

Source: CCN
Type: FreeRADIUS Web site
Press Releases, 05 December 2008 - Version 2.1.3 has been released

Source: MLIST
Type: UNKNOWN
[debian-devel] 20080811 Possible mass bug filing: The possibility of attack with the help of symlinks in some Debian packages

Source: SUSE
Type: UNKNOWN
SUSE-SR:2008:028

Source: CCN
Type: freeradius-dialupadmin Web page
Package: freeradius-dialupadmin (2.0.4+dfsg-5)

Source: CCN
Type: SA32170
FreeRADIUS "dialup_admin" Insecure Temporary Files

Source: SECUNIA
Type: UNKNOWN
32170

Source: SECUNIA
Type: UNKNOWN
33151

Source: MISC
Type: UNKNOWN
http://uvw.ru/report.lenny.txt

Source: MLIST
Type: UNKNOWN
[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire

Source: CCN
Type: OSVDB ID: 48936
FreeRADIUS freeradius-dialupadmin Multiple Temporary File Symlink Arbitrary File Overwrite

Source: BID
Type: UNKNOWN
30901

Source: CCN
Type: BID-30901
FreeRADIUS Dialup Admin Insecure Temporary File Creation Vulnerabilities

Source: CONFIRM
Type: UNKNOWN
https://bugs.gentoo.org/show_bug.cgi?id=235770

Source: XF
Type: UNKNOWN
freeradiusdialupadmin-file-symlink(44814)

Source: SUSE
Type: SUSE-SR:2008:028
SUSE Security Summary Report

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:freeradius:freeradius:2.0.4:*:*:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions

Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20084474 | V | CVE-2008-4474 | 2022-06-30
oval:org.opensuse.security:def:42305 | P | Security update for salt (Important) | 2022-06-24
oval:org.opensuse.security:def:112250 | P | freeradius-server-3.0.23-1.5 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:26224 | P | Security update for libvirt (Important) | 2022-01-05
oval:org.opensuse.security:def:31325 | P | Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important) | 2021-12-14
oval:org.opensuse.security:def:26180 | P | Security update for php74 (Moderate) | 2021-12-06
oval:org.opensuse.security:def:33052 | P | Security update for openexr (Moderate) | 2021-12-01
oval:org.opensuse.security:def:26166 | P | Security update for php74 (Moderate) | 2021-11-18
oval:org.opensuse.security:def:32204 | P | Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important) | 2021-10-18
oval:org.opensuse.security:def:105778 | P | freeradius-server-3.0.23-1.5 on GA media (Moderate) | 2021-10-01
oval:org.opensuse.security:def:32185 | P | Security update for ghostscript (Critical) | 2021-09-21
oval:org.opensuse.security:def:31680 | P | Security update for transfig (Moderate) | 2021-09-16
oval:org.opensuse.security:def:31681 | P | Security update for gtk-vnc (Moderate) | 2021-09-16
oval:org.opensuse.security:def:26127 | P | Security update for postgresql12 (Moderate) | 2021-09-16
oval:org.opensuse.security:def:31675 | P | Security update for bind (Moderate) | 2021-08-30
oval:org.opensuse.security:def:31253 | P | Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important) | 2021-08-25
oval:org.opensuse.security:def:26103 | P | Security update for the Linux Kernel (Important) | 2021-08-10
oval:org.opensuse.security:def:42106 | P | Security update for libvirt (Moderate) | 2021-07-27
oval:org.opensuse.security:def:31233 | P | Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important) | 2021-07-27
oval:org.opensuse.security:def:26078 | P | Security update for libxml2 (Moderate) | 2021-06-18
oval:org.opensuse.security:def:32119 | P | Security update for java-1_8_0-openjdk (Moderate) | 2021-06-15
oval:org.opensuse.security:def:36404 | P | freeradius-server-devel-2.1.1-7.18.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:42535 | P | freeradius-server-2.1.1-7.18.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:36128 | P | freeradius-server-2.1.1-7.18.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:31621 | P | Security update for djvulibre (Important) | 2021-05-19
oval:org.opensuse.security:def:31168 | P | Security update for cups (Important) | 2021-04-30
oval:org.opensuse.security:def:31167 | P | Security update for java-1_7_0-openjdk (Moderate) | 2021-04-29
oval:org.opensuse.security:def:32080 | P | Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important) | 2021-04-28
oval:org.opensuse.security:def:26029 | P | Security update for the Linux Kernel (Important) | 2021-04-15
oval:org.opensuse.security:def:31606 | P | Security update for clamav (Important) | 2021-04-14
oval:org.opensuse.security:def:26026 | P | Security update for cifs-utils (Moderate) | 2021-04-13
oval:org.opensuse.security:def:26025 | P | Security update for openexr (Moderate) | 2021-04-07
oval:org.opensuse.security:def:31366 | P | Security update for wavpack (Important) | 2021-03-24
oval:org.opensuse.security:def:31365 | P | Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important) | 2021-03-17
oval:org.opensuse.security:def:33091 | P | Security update for openldap2 (Important) | 2021-03-03
oval:org.opensuse.security:def:31732 | P | Security update for krb5-appl (Important) | 2021-02-19
oval:org.opensuse.security:def:32260 | P | Security update for java-1_7_1-ibm (Important) | 2021-02-18
oval:org.opensuse.security:def:31730 | P | Security update for bind (Important) | 2021-02-18
oval:org.opensuse.security:def:26157 | P | Security update for the Linux Kernel (Important) | 2021-02-09
oval:org.opensuse.security:def:32141 | P | Security update for MozillaFirefox (Important) | 2021-01-29
oval:org.opensuse.security:def:31179 | P | Security update for dovecot22 (Important) | 2021-01-04
oval:org.opensuse.security:def:31625 | P | Security update for flac (Moderate) | 2021-01-04
oval:org.opensuse.security:def:32823 | P | Security update for postgresql12 (Important) | 2020-12-04
oval:org.opensuse.security:def:35699 | P | freeradius-server-2.1.1-7.10.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:41954 | P | freeradius-server-2.1.1-7.7.19.77 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:35898 | P | freeradius-server-2.1.1-7.16.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:35547 | P | freeradius-server-2.1.1-7.7.19.77 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:25460 | P | Security update for tiff (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26583 | P | libarchive2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25954 | P | Security update for libvirt (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25383 | P | Security update for libX11 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31777 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:25652 | P | Security update for xen (Important) | 2020-12-01
oval:org.opensuse.security:def:32048 | P | Security update for kvm (Important) | 2020-12-01
oval:org.opensuse.security:def:26671 | P | apache2-mod_php53 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26699 | P | freeradius-server on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25676 | P | Security update for postgresql, postgresql96, postgresql10 and postgresql12 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31882 | P | Security update for dnsmasq (Important) | 2020-12-01
oval:org.opensuse.security:def:27091 | P | bind on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25790 | P | Security update for flash-player (Important) | 2020-12-01
oval:org.opensuse.security:def:31835 | P | Security update for bind (Important) | 2020-12-01
oval:org.opensuse.security:def:31595 | P | Security update for tiff (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26238 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:25880 | P | Security update for libvirt (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31943 | P | Security update for gnutls (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25251 | P | Security update for java-1_7_0-openjdk (Important) | 2020-12-01
oval:org.opensuse.security:def:31385 | P | Security update for openvpn-openssl1 (Important) | 2020-12-01
oval:org.opensuse.security:def:26254 | P | Security update for dia (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32348 | P | Security update for sqlite3 (Important) | 2020-12-01
oval:org.opensuse.security:def:32512 | P | freeradius-server on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25677 | P | Security update for raptor (Important) | 2020-12-01
oval:org.opensuse.security:def:31469 | P | Security update for ppc64-diag | 2020-12-01
oval:org.opensuse.security:def:25968 | P | Security update for ImageMagick (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25326 | P | Security update for libvirt (Important) | 2020-12-01
oval:org.opensuse.security:def:31534 | P | Security update for samba (Important) | 2020-12-01
oval:org.opensuse.security:def:26356 | P | Security update for chromium (Important) | 2020-12-01
oval:org.opensuse.security:def:26512 | P | Security update for pdns-recursor (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25689 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:31904 | P | Security update for foomatic-filters (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31016 | P | Security update for java-1_7_0-ibm (Important) | 2020-12-01
oval:org.opensuse.security:def:25535 | P | Security update for audiofile (Low) | 2020-12-01
oval:org.opensuse.security:def:31975 | P | Security update for jasper (Important) | 2020-12-01
oval:org.opensuse.security:def:26409 | P | Security update for lame (Important) | 2020-12-01
oval:org.opensuse.security:def:25881 | P | Security update for flash-player (Important) | 2020-12-01
oval:org.opensuse.security:def:25675 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:31769 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:26897 | P | freeradius-server on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25098 | P | Security update for python-numpy (Important) | 2020-12-01
oval:org.opensuse.security:def:31101 | P | Security update for kernel-source (Important) | 2020-12-01
oval:org.opensuse.security:def:25874 | P | Security update for flash-player (Important) | 2020-12-01
oval:org.opensuse.security:def:27367 | P | ant on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31377 | P | Security update for openssl1 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26019 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:25777 | P | Security update for flash-player (Critical) | 2020-12-01
oval:org.opensuse.security:def:31987 | P | Security update for java-1_7_1-ibm (Important) | 2020-12-01
oval:org.opensuse.security:def:25110 | P | Security update for java-1_8_0-openjdk (Important) | 2020-12-01
oval:org.opensuse.security:def:25449 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:31583 | P | Recommended update for tboot (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26530 | P | clamav on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25830 | P | Security update for libimobiledevice, usbmuxd (Important) | 2020-12-01
oval:org.opensuse.security:def:32664 | P | freeradius-server on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25953 | P | Security update for gcc48 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25302 | P | Security update for xorg-x11-server (Important) | 2020-12-01
oval:org.opensuse.security:def:25524 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:26632 | P | puppet on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26664 | P | aaa_base on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25965 | P | Security update for xorg-x11-server (Important) | 2020-12-01
oval:org.opensuse.security:def:25440 | P | Security update for python-xdg (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31833 | P | Security update for bind (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26453 | P | Security update for kauth (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25733 | P | Security update for mgetty (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26685 | P | dhcp on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31594 | P | Security update for tiff (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25827 | P | Security update for flash-player (Critical) | 2020-12-01
oval:org.opensuse.security:def:31921 | P | Security update for ghostscript-library (Important) | 2020-12-01
oval:org.opensuse.security:def:27126 | P | freeradius-server on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25250 | P | Security update for gd (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32309 | P | Security update for quagga (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32473 | P | Security update for xorg-x11-server (Important) | 2020-12-01
oval:org.opensuse.security:def:26295 | P | Security update for LibreOffice (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25929 | P | Security update for gd (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25262 | P | Security update for spamassassin (Important) | 2020-12-01
oval:org.opensuse.security:def:31477 | P | Security update for puppet (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26307 | P | Security update for conntrack-tools (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32370 | P | Recommended update for tboot (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25678 | P | Security update for kernel-firmware (Important) | 2020-12-01
oval:org.opensuse.security:def:31812 | P | Security update for apache2 (Important) | 2020-12-01
oval:org.opensuse.security:def:25982 | P | Security update for bash (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32862 | P | freeradius-server on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31015 | P | Security update for java-1_7_0-ibm (Important) | 2020-12-01
oval:org.opensuse.security:def:25454 | P | Security update for ucode-intel (Important) | 2020-12-01
oval:org.opensuse.security:def:31819 | P | Security update for augeas (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26395 | P | Security update for MozillaThunderbird (Important) | 2020-12-01
oval:org.opensuse.security:def:26547 | P | freeradius-server on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25753 | P | Security update for flash-player (Important) | 2020-12-01
oval:org.opensuse.security:def:31961 | P | Security update for guile (Low) | 2020-12-01
oval:org.opensuse.security:def:26862 | P | apache2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31027 | P | Security update for java-1_7_0-ibm (Important) | 2020-12-01
oval:org.opensuse.security:def:25592 | P | Security update for grub2 (Important) | 2020-12-01
oval:org.opensuse.security:def:32031 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:26729 | P | krb5 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25962 | P | Security update for mariadb (Important) | 2020-12-01
oval:org.opensuse.security:def:25728 | P | Security update for python-cffi, python-cryptography (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31791 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:25099 | P | Security update for systemd (Important) | 2020-12-01
oval:org.opensuse.security:def:27402 | P | freeradius-server-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25448 | P | Security update for python3 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31451 | P | Security update for postgresql10 (Important) | 2020-12-01
oval:org.opensuse.security:def:26379 | P | Security update for irssi (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25816 | P | Security update for libqt4 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32625 | P | NetworkManager-gnome on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:25174 | P | Security update for tomcat (Important) | 2020-12-01
oval:org.opensuse.security:def:31382 | P | Security update for openvpn | 2020-12-01
oval:org.opensuse.security:def:32414 | P | Security update for wireshark (Moderate) | 2020-12-01
    freeradius freeradius 2.0.4