thttpd on Debian GNU/Linux, and possibly other distributions, allows local users to create or touch arbitrary files via a symlink attack on the start_thttpd temporary file.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Thttpd |
Acme_labs |
2.25b |
2.25b |
References