Robert Vogelgesang

Name of the Vulnerable Software and Affected Versions: Red Hat dhcpd version 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 Description: The issue allows local users to overwrite arbitrary files via a symlink attack on a temporary file, related to the dhcpd init script's configtest function and the "dhcpd -t" command. Recommendations: For Red Hat dhcpd version 3.0.1 in Red Hat Enterprise Linux (RHEL) 3, consider restricting access to the configtest function in the dhcpd init script to prevent local users from overwriting arbitrary files until a fix is available.