PT-2012-4713 · Todd Miller+1 · Sudo+1

Tomas Hoger

Published

2012-08-07

Updated

2023-02-13

CVE-2012-3440

CVSS v2.0

5.6

Medium

Vector

AV:L/AC:H/Au:N/C:N/I:C/A:C

Name of the Vulnerable Software and Affected Versions Red Hat Enterprise Linux (RHEL) 5 with sudo version 1.7.2

Description The issue allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file. This is related to a certain Red Hat script for sudo.

Recommendations For Red Hat Enterprise Linux (RHEL) 5 with sudo version 1.7.2, consider restricting access to the temporary file /var/tmp/nsswitch.conf.bak to prevent symlink attacks until a patch is available. As a temporary workaround, avoid using the Red Hat script for sudo that utilizes this temporary file.

Exploit

Fix

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-59

Related Identifiers

CVE-2012-3440

RHSA-2012:1149

RHSA-2012_1149

Affected Products

Red Hat

Sudo

PT-2012-4713 · Todd Miller+1 · Sudo+1

CVE-2012-3440

Weakness Enumeration

Related Identifiers

Affected Products

References · 6