CVE-2001-0946

Name of the Vulnerable Software and Affected Versions Red Hat version 7.2

Description The issue allows local users to create or change the modification dates of arbitrary files via a symlink attack on the LOW POWER temporary file. This could be used to cause a denial of service, for example by creating /etc/nologin and disabling logins.

Recommendations For Red Hat version 7.2, consider restricting access to the apmscript in Apmd to minimize the risk of exploitation. As a temporary workaround, avoid using the LOW POWER temporary file until the issue is resolved.