Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2009-1893
HistoryJul 17, 2009 - 4:30 p.m.

CVE-2009-1893

2009-07-1716:30:00
CWE-59
[email protected]
web.nvd.nist.gov
31
red hat
dhcp
configtest
local users
symlink attack
nvd

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.2

Confidence

High

EPSS

0

Percentile

5.1%

JSON

The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the “dhcpd -t” command.

Affected configurations

NVD
Node
redhatenterprise_linuxMatch3.0
OR
redhatenterprise_linuxMatch3.0as
OR
redhatenterprise_linuxMatch3.0es
OR
redhatenterprise_linuxMatch3.0ws
AND
iscdhcpMatch3.0.1rc1
OR
iscdhcpMatch3.0.1rc10
OR
iscdhcpMatch3.0.1rc11
OR
iscdhcpMatch3.0.1rc12
OR
iscdhcpMatch3.0.1rc13
OR
iscdhcpMatch3.0.1rc14
OR
iscdhcpMatch3.0.1rc2
OR
iscdhcpMatch3.0.1rc5
OR
iscdhcpMatch3.0.1rc6
OR
iscdhcpMatch3.0.1rc7
OR
iscdhcpMatch3.0.1rc8
OR
iscdhcpMatch3.0.1rc9
VendorProductVersionCPE
iscdhcp3.0.1cpe:/a:isc:dhcp:3.0.1:rc13::
iscdhcp3.0.1cpe:/a:isc:dhcp:3.0.1:rc14::
iscdhcp3.0.1cpe:/a:isc:dhcp:3.0.1:rc12::
iscdhcp3.0.1cpe:/a:isc:dhcp:3.0.1:rc11::
iscdhcp3.0.1cpe:/a:isc:dhcp:3.0.1:rc2::
iscdhcp3.0.1cpe:/a:isc:dhcp:3.0.1:rc6::
iscdhcp3.0.1cpe:/a:isc:dhcp:3.0.1:rc7::
redhatenterprise_linux3.0cpe:/o:redhat:enterprise_linux:3.0:::
iscdhcp3.0.1cpe:/a:isc:dhcp:3.0.1:rc1::
iscdhcp3.0.1cpe:/a:isc:dhcp:3.0.1:rc8::
Rows per page:
1-10 of 131

Related

prion 1
cvelist 1
nvd 1
openvas 6
centos 1
nessus 6
redhat 1
vmware 2
prion
prion
Command injection
2009-07-17 16:30:00
cvelist
cvelist
CVE-2009-1893
2009-07-17 16:00:00
nvd
nvd
CVE-2009-1893
2009-07-17 16:30:00
openvas
openvas
CentOS Update for dhclient CESA-2009:1154 centos3 i386
2011-08-09 00:00:00
CentOS Security Advisory CESA-2009:1154 (dhcp)
2009-07-29 00:00:00
RedHat Security Advisory RHSA-2009:1154
2009-07-29 00:00:00
centos
centos
dhclient, dhcp security update
2009-07-15 19:59:01
nessus
nessus
RHEL 3 : dhcp (RHSA-2009:1154)
2009-07-15 00:00:00
Scientific Linux Security Update : dhcp on SL3.x, SL4.x i386/x86_64
2012-08-01 00:00:00
CentOS 3 : dhcp (CESA-2009:1154)
2009-07-16 00:00:00
redhat
redhat
(RHSA-2009:1154) Critical: dhcp security update
2009-07-14 00:00:00
vmware
vmware
VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues
2009-10-16 00:00:00
VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues
2009-10-16 00:00:00

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.2

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for CVE-2009-1893
prion1cvelist1nvd1openvas6centos1nessus6redhat1vmware2