CVE-2007-5495
First published: Wed Sep 12 2007(Updated: )
reported via secalert By default, the sealert program writes diagnostic messages to the file /tmp/sealert.log. It does not check to ensure that this file does not already exist, or that it is not a symbolic link. An unprivileged local attacker can exploit this flaw to cause arbitrary files writable by other users to be overwritten when those users run sealert. The sealert program is run automatically, without user action, as part of the default RHEL 5 GNOME desktop session. It does not appear to be possible for the attacker to cause arbitrary data to be written to sealert.log, but the previous contents of the file are erased.'
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Enterprise Linux | =5.0 | |
| Red Hat Enterprise Linux Desktop | =5 | |
| Red Hat Setroubleshoot-server | =2.0.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=288221
- http://www.redhat.com/support/errata/RHSA-2008-0061.html
- http://www.securityfocus.com/bid/29320
- http://securitytracker.com/id?1020077
- http://secunia.com/advisories/30339
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42591
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9705
- http://rhn.redhat.com/errata/RHSA-2008-0061.html
Frequently Asked Questions
What is the severity of CVE-2007-5495?
CVE-2007-5495 is considered a low severity vulnerability due to its exploitation requiring local access.
How do I fix CVE-2007-5495?
To fix CVE-2007-5495, ensure that the /tmp/sealert.log file does not exist or is not a symbolic link before running the sealert program.
What systems are affected by CVE-2007-5495?
CVE-2007-5495 affects systems using SELinux Setroubleshoot version 2.0.5.
Can CVE-2007-5495 be exploited remotely?
CVE-2007-5495 cannot be exploited remotely as it requires local access to the system.
Is CVE-2007-5495 a known issue in Red Hat products?
Yes, CVE-2007-5495 is a known issue in certain versions of Red Hat Enterprise Linux and SELinux Setroubleshoot.
- collector/nvd-historical
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2007-5495
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/5.0
- canonical/red hat enterprise linux desktop
- version/red hat enterprise linux desktop/5
- vendor/selinux
- canonical/red hat setroubleshoot-server
- version/red hat setroubleshoot-server/2.0.5