CVE-2008-4832

Name of the Vulnerable Software and Affected Versions initscripts versions 8.12 through 8.21 initscripts versions 8.56.15-0.1

Description The issue is related to a race condition in the rc.sysinit script, which allows local users to delete arbitrary files via a symlink attack on directories under /var/lock or /var/run. This problem exists due to an incorrect fix for a previous issue. Exploitation may require a specific scenario where rc.sysinit is executed outside of boot time.

Recommendations For initscripts versions 8.12 through 8.21, consider restricting access to the rc.sysinit script to prevent unauthorized execution. For initscripts versions 8.56.15-0.1, restrict access to the rc.sysinit script to minimize the risk of exploitation. As a temporary workaround, consider disabling the execution of rc.sysinit outside of boot time to reduce the risk of arbitrary file deletion.