First published: Mon Jul 30 2012(Updated: )
A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Todd Miller Sudo | =1.7.2 | |
Redhat Enterprise Linux | =5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.