PT-2001-2099 · Red Hat · Red Hat+1

Published

2001-12-04

Updated

2017-10-10

CVE-2001-0946

CVSS v2.0

3.6

Low

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions Red Hat version 7.2

Description The issue allows local users to create or change the modification dates of arbitrary files via a symlink attack on the LOW POWER temporary file. This could be used to cause a denial of service, for example by creating /etc/nologin and disabling logins.

Recommendations For Red Hat version 7.2, consider restricting access to the apmscript in Apmd to minimize the risk of exploitation. As a temporary workaround, avoid using the LOW POWER temporary file until the issue is resolved.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0946

Affected Products

Apmd

Red Hat

PT-2001-2099 · Red Hat · Red Hat+1

CVE-2001-0946

Related Identifiers

Affected Products

References · 5