Description
The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command.
Affected products
- ISC / dhcp3.0.1 – 3.0.1
- ISC / dhcp3.0.1 – 3.0.1
- ISC / dhcp3.0.1 – 3.0.1
- ISC / dhcp3.0.1 – 3.0.1
- ISC / dhcp3.0.1 – 3.0.1
- ISC / dhcp3.0.1 – 3.0.1
- ISC / dhcp3.0.1 – 3.0.1
- ISC / dhcp3.0.1 – 3.0.1
- ISC / dhcp3.0.1 – 3.0.1
- ISC / dhcp3.0.1 – 3.0.1
- ISC / dhcp3.0.1 – 3.0.1
- ISC / dhcp3.0.1 – 3.0.1
- RedHat / enterprise_linux3.0 – 3.0
- RedHat / enterprise_linux3.0 – 3.0
- RedHat / enterprise_linux3.0 – 3.0
- RedHat / enterprise_linux3.0 – 3.0
References
- MISChttp://securitytracker.com/id?1022554
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11597
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6440
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/51718
- MISChttp://www.securityfocus.com/bid/35670
- VENDOR_ADVISORYhttp://secunia.com/advisories/35831
- MISChttps://bugzilla.redhat.com/show_bug.cgi?id=510024
- MISChttp://www.redhat.com/support/errata/RHSA-2009-1154.html