Back to search
CVE-2008-4832
Published: Nov 17, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
32710
third-party-advisory
x_refsource_SECUNIA
rpath-initscripts-rcsysinit-symlink(46700)
vdb-entry
x_refsource_XF
https://issues.rpath.com/browse/RPL-2857
x_refsource_CONFIRM
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0318
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now