CVE-2012-3440

Sažetak

A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file.

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=844442
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
http://www.securityfocus.com/bid/54868

CVSS

Base:	5.6
Impact:	9.2
Exploitability:	1.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:H/Au:N/C:N/I:C/A:C

Zadnje važnije ažuriranje

13-02-2023 - 04:34

Objavljeno

08-08-2012 - 10:26