{
  "modified": "2025-08-09T19:01:27Z",
  "published": "2008-12-09T00:30:00Z",
  "id": "CVE-2008-5394",
  "details": "/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry.",
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://security.gentoo.org/glsa/glsa-200903-24.xml"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:062"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.ubuntu.com/usn/usn-695-1"
    },
    {
      "type": "WEB",
      "url": "http://bugs.debian.org/332198"
    },
    {
      "type": "WEB",
      "url": "http://bugs.debian.org/505071"
    },
    {
      "type": "WEB",
      "url": "http://bugs.debian.org/505271"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/52200"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/4695"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/498769/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/32552"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47037"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/7313"
    }
  ]
}