Lucene search

PRIOn knowledge basePRION:CVE-2009-1893

HistoryJul 17, 2009 - 4:30 p.m.

Command injection

2009-07-1716:30:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the “dhcpd -t” command.

CPENameOperatorVersion
dhcpeq3.0.1 rc12
dhcpeq3.0.1 rc1
dhcpeq3.0.1 rc7
dhcpeq3.0.1 rc2
dhcpeq3.0.1 rc14
dhcpeq3.0.1 rc6
dhcpeq3.0.1 rc13
dhcpeq3.0.1 rc9
dhcpeq3.0.1 rc8
dhcpeq3.0.1 rc10

Name	Operator	Version
dhcp	eq	3.0.1 rc12
dhcp	eq	3.0.1 rc1
dhcp	eq	3.0.1 rc7
dhcp	eq	3.0.1 rc2
dhcp	eq	3.0.1 rc14
dhcp	eq	3.0.1 rc6
dhcp	eq	3.0.1 rc13
dhcp	eq	3.0.1 rc9
dhcp	eq	3.0.1 rc8
dhcp	eq	3.0.1 rc10

Rows per page:

1-10 of 161

References

secunia.com/advisories/35831

securitytracker.com/id?1022554

www.redhat.com/support/errata/RHSA-2009-1154.html

www.securityfocus.com/bid/35670

bugzilla.redhat.com/show_bug.cgi?id=510024

exchange.xforce.ibmcloud.com/vulnerabilities/51718

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11597

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6440

6.7 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for PRION:CVE-2009-1893