A flaw was found in katello-debug prior to 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
theforeman katello |
||
redhat satellite 6.3 |
||
redhat satellite capsule 6.3 |