Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.9
CVSSv2

CVE-2008-4832

Published: 17/11/2008 Updated: 08/08/2017
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
VMScore: 614
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time.

Vulnerable Product Search on Vulmon Subscribe to Product

rpath initscripts 8.56.15-0.1

rpath initscripts 8.12-8.21

References

CWE-59https://issues.rpath.com/browse/RPL-2857http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0318http://secunia.com/advisories/32710https://exchange.xforce.ibmcloud.com/vulnerabilities/46700https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27842CVE-2024-30657CVE-2024-4534hardcodedSSRFCVE-2024-21683CVE-2024-5364file uploadCVE-2024-5371
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook