CVE-2008-3524

Name of the Vulnerable Software and Affected Versions initscripts versions prior to 8.76.3-1

Description The issue allows local users to delete arbitrary files via a symlink attack on a file or directory under /var/lock or /var/run. This is due to a vulnerability in the rc.sysinit script in initscripts.

Recommendations For initscripts versions prior to 8.76.3-1, update to version 8.76.3-1 or later to resolve the issue. As a temporary workaround, consider restricting access to the /var/lock and /var/run directories to minimize the risk of exploitation.