Red Hat Apmd apmscript Symbolic Link File Creation

2001-12-04T00:00:00
ID OSVDB:5493
Type osvdb
Reporter Enrico Scholz(enrico.scholz@informatik.tu-chemnitz.de)
Modified 2001-12-04T00:00:00

Description

Vulnerability Description

Red Hat APMD Power Management Package contains a flaw that may allow a Local denial of service. The issue can be triggered by a local user by creating a symlink under certain conditions for /etc/sysconfig/apm-scripts/apmscript script which will result in loss of availability as the user with root privileges can change the file timestamps on other files.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Red Hat APMD Power Management Package contains a flaw that may allow a Local denial of service. The issue can be triggered by a local user by creating a symlink under certain conditions for /etc/sysconfig/apm-scripts/apmscript script which will result in loss of availability as the user with root privileges can change the file timestamps on other files.

References:

Vendor Specific Advisory URL Security Tracker: 1002891 ISS X-Force ID: 8268 CVE-2001-0946