Published: 17/07/2009 Updated: 13/02/2023

CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4

VMScore: 614

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat enterprise_linux 3.0
isc dhcp 3.0.1

Synopsis Critical: dhcp security update Type/Severity Security Advisory: Critical Topic Updated dhcp packages that fix two security issues are now available forRed Hat Enterprise Linux 3This update has been rated as having critical security impact by the RedHat Security Response Team Description ...

CWE-59 https://bugzilla.redhat.com/show_bug.cgi?id=510024 http://secunia.com/advisories/35831 http://www.redhat.com/support/errata/RHSA-2009-1154.html http://securitytracker.com/id?1022554 http://www.securityfocus.com/bid/35670 https://exchange.xforce.ibmcloud.com/vulnerabilities/51718 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6440 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11597 https://access.redhat.com/errata/RHSA-2009:1154 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-1893

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect