Debian Bug report logs -
#506350
CVE-2008-5141: allows local users to overwrite arbitrary files via a symlink attack
Package:
flamethrower;
Maintainer for flamethrower is dann frazier <dannf@debianorg>; Source for flamethrower is src:flamethrower (PTS, buildd, popcon)
Reported by: Raphael Geissert <atomo64@gmailcom>
...
Dmitry E Oboukhov discovered that flamethrower creates predictable temporary
filenames, which may lead to a local denial of service through a symlink
attack
For the stable distribution (etch), this problem has been fixed in version
018-1+etch1
For the unstable distribution (sid), this problem has been fixed in
version 018-2
We recommend tha ...