First published: Tue Jul 07 2009(Updated: )
The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Redhat Enterprise Linux | =3.0 | |
Redhat Enterprise Linux | =3.0 | |
Redhat Enterprise Linux | =3.0 | |
Redhat Enterprise Linux | =3.0 | |
ISC DHCP | =3.0.1-rc1 | |
ISC DHCP | =3.0.1-rc10 | |
ISC DHCP | =3.0.1-rc11 | |
ISC DHCP | =3.0.1-rc12 | |
ISC DHCP | =3.0.1-rc13 | |
ISC DHCP | =3.0.1-rc14 | |
ISC DHCP | =3.0.1-rc2 | |
ISC DHCP | =3.0.1-rc5 | |
ISC DHCP | =3.0.1-rc6 | |
ISC DHCP | =3.0.1-rc7 | |
ISC DHCP | =3.0.1-rc8 | |
ISC DHCP | =3.0.1-rc9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.