Unknown · Initscripts · CVE-2008-3524
**Name of the Vulnerable Software and Affected Versions**
initscripts versions prior to 8.76.3-1
**Description**
The issue allows local users to delete arbitrary files via a symlink attack on a file or directory under /var/lock or /var/run. This is due to a vulnerability in the rc.sysinit script in initscripts.
**Recommendations**
For initscripts versions prior to 8.76.3-1, update to version 8.76.3-1 or later to resolve the issue. As a temporary workaround, consider restricting access to the /var/lock and /var/run directories to minimize the risk of exploitation.