Showing 1 - 1 of 1

CVE-2012-3440

Status Candidate

Overview

A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file.

Related Files

Red Hat Security Advisory 2012-1149-01: Posted Aug 8, 2012; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2012-1149-01 - The sudo utility allows system administrators to give certain users the ability to run commands as root. An insecure temporary file use flaw was found in the sudo package's post-uninstall script. A local attacker could possibly use this flaw to overwrite an arbitrary file via a symbolic link attack, or modify the contents of the "/etc/nsswitch.conf" file during the upgrade or removal of the sudo package. This update also fixes the following bugs:; tags | advisory, arbitrary, local, root; systems | linux, redhat; advisories | CVE-2012-3440; SHA-256 | beba8e6ed13cfb26fb7c7c1854aef7f93f140ed6cc736059b657a68db78e6e8f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 380 files
Ubuntu 86 files
Debian 26 files
Gentoo 18 files
tmrswrr 10 files
Ph0s 5 files
R0ckE7 5 files
Google Security Research 4 files
Rahad Chowdhury 4 files
Chizuru Toyama 3 files

File Archives

Systems

AIX (429)
Apple (2,037)
BSD (375)
CentOS (57)
Cisco (1,926)
Debian (6,910)
Fedora (1,692)
FreeBSD (1,246)
Gentoo (4,379)
HPUX (880)
iOS (363)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (47,831)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (486)
RedHat (14,615)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,131)
UNIX (9,339)
UnixWare (187)
Windows (6,606)
Other

CVE-2012-3440

Overview

Related Files

File Archive:

November 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems