Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3524

Overview

Vulnerability Score 4.7 4.7
CVE Id CVE-2008-3524
Last Modified 30 Oct 2012 11:01:20
Published 29 Sep 2008 01:17:29
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3524

Summary

rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users to delete arbitrary files via a symlink attack on a file or directory under (1) /var/lock or (2) /var/run.

Vulnerable Systems

Operating System

  • Redhat Fedora 9

Application

  • Redhat Initscripts 8.76.3


References

FEDORA - FEDORA-2008-7667

CONFIRM - https://issues.rpath.com/browse/RPL-2857

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=458652

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=458504

XF - initscripts-rcsysinit-symlink(45402)

BID - 31385

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0318

SECUNIA - 32037

SECUNIA - 32710


Last Updated: 27 May 2016 10:49:46