First published: Tue Aug 05 2008(Updated: )
ibutils packages as shipped in Red Hat Enterprise Linux 4 and 5 are built to use insecure RPATH set in the ELF header of the ibmssh command. This issue can possibly be exploited by a local attacker to run arbitrary code as some other user if victim user can be convinced to run ibmssh command in an attacker controlled directory with specially crafted content. Affected binary: /usr/bin/ibmssh RPATH: refix/lib
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
OpenFabrics ibutils | =1.5.7-2 | |
Redhat Enterprise Linux | =6.0 | |
OpenFabrics ibutils | =1.2-11.2 | |
Redhat Enterprise Linux | =5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.