Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 250476 (CVE-2008-5371) - <app-misc/screenie-1.30.0-r1 symlink attack (CVE-2008-5371)
Summary: <app-misc/screenie-1.30.0-r1 symlink attack (CVE-2008-5371)
Alias: CVE-2008-5371
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
Whiteboard: B3 [glsa]
Depends on:
Blocks: debian-tempfile
  Show dependency tree
Reported: 2008-12-10 04:59 UTC by stupendoussteve
Modified: 2009-09-09 13:34 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description stupendoussteve 2008-12-10 04:59:00 UTC
From CVE-2008-5371 (
 screenie in screenie 1.30.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.screenie.##### temporary file.

Reproducible: Always
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2009-03-22 19:02:04 UTC
I asked Marc, if he is getting this fixed, and he replied:

Sorry Craig, I do not have time to make changes on my OSS projects anymore, therefore I released the tool as OSS.


Debian has a patch:

Ali, can you have a look at this?
Comment 2 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-06-08 16:19:12 UTC
Arches, please test and mark stable:
Target keywords : "amd64 hppa ia64 sparc x86"

+*screenie-1.30.0-r1 (08 Jun 2009)
+  08 Jun 2009; Alex Legler <> +screenie-1.30.0-r1.ebuild,
+  +files/screenie-CVE-2008-5371.patch:
+  Non-maintainer commit: Applying patch for CVE-2008-5371, bug 250476.
Comment 3 Ferris McCormick (RETIRED) gentoo-dev 2009-06-08 17:01:41 UTC
Sparc stable.
Comment 4 Christian Faulhammer (RETIRED) gentoo-dev 2009-06-08 19:07:27 UTC
x86 stable
Comment 5 Jeroen Roovers (RETIRED) gentoo-dev 2009-06-08 21:13:45 UTC
Stable for HPPA.
Comment 6 Raúl Porcel (RETIRED) gentoo-dev 2009-06-09 14:39:44 UTC
ia64 stable
Comment 7 Markus Meier gentoo-dev 2009-06-10 19:04:15 UTC
amd64 stable, all arches done.
Comment 8 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-06-10 19:44:08 UTC
Vulnerable version removed.

GLSA voting, please.
As the Debian Symlink vulnerabilities usually got a GLSA, I vote YES.
Comment 9 Stefan Behte (RETIRED) gentoo-dev Security 2009-06-12 22:09:29 UTC
Yes, too. Request filed.
Comment 10 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-09-09 13:34:58 UTC
GLSA 200909-09