CVE-2008-3524

rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users to delete arbitrary files via a symlink attack on a file or directory under 1 /var/lock or 2 /var/run...

Fedora initscripts任意文件删除漏洞

BUGTRAQ ID: 31385 CVE ID：CVE-2008-3524 CNCVE ID：CNCVE-20083524 Fedora是一款基于Linux的发行版本。 Fedora initscripts存在问题，本地攻击者可以利用漏洞删除任意文件。 /etc/rc.sysinit包含如下脚本： | find -L /var/lock /var/run ! -type d -exec rm -f ; 在每次启动过程中，在/var/run或/var/lock目录下会有守护程序可写子目录如/var/run/openldap，当守护程序被破坏时，攻击者可以建立 |...

[SECURITY] Fedora 9 Update: initscripts-8.76.3-1

The initscripts package contains the basic system scripts used to boot your Red Hat or Fedora system, change runlevels, and shut the system down cleanly. Initscripts also contains the scripts that activate and deactivate most network interfaces...

Fedora 9 : initscripts-8.76.3-1 (2008-7667)

This update fixes an issue CVE-2008-3524 where a malicious user could cause system files to be removed on startup. It also fixes a bug when running on pre- Fedora-9 kernels, and cleans up some extraneous error messages. Note that Tenable Network Security has extracted the preceding description...

Authentication flaw

initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging...

CVE-2007-5686

initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging...

Linux initscripts weak permissions

Weak permissions for /var/log/btmp files cause information leak about unsuccessful logon attempt...

rPSA-2007-0214-1 initscripts

rPath Security Advisory: 2007-0214-1 Published: 2007-10-11 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Local Information Exposure Updated Versions: initscripts=conary.rpath.com@rpl:1/8.12-8.10-1 rPath Issue Tracking System: https://issues.rpath.com/browse/RPL-1825...

MDKA-2007:077 : console-tools

vt-is-UTF8 utility included in console-tools package, and used by Mandriva initscripts, can hang, causing random problems like preventing a local/remote system reboot, unless user take interactive action 27948. Also, when executed on a terminal different from a linux vt, it can cause errors and...

RHEL 3 : initscripts (RHSA-2006:0015)

Updated initscripts packages that fix a privilege escalation issue and several bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The initscripts package contains the basic system scripts used to boot your Red Hat system,...

initscripts security update

CentOS Errata and Security Advisory CESA-2006:0015 Updated initscripts packages that fix a privilege escalation issue and several bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The initscripts package contains the basic...

Moderate: Red Hat Security Advisory: initscripts security update

Updated initscripts packages that fix a privilege escalation issue and several bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The initscripts package contains the basic system scripts used to boot your Red Hat system,...

security flaw

initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors...

RHEL 4 : initscripts (RHSA-2006:0016)

An updated initscripts package that fixes a privilege escalation issue and several bugs is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The initscripts package contains the basic system scripts used to boot your Red Hat system...

CVE-2005-3629

CVE-2005-3629 affects initscripts in Red Hat Enterprise Linux 4. A bug in how environment variables are handled when /sbin/service is executed allows a local user with sudo access to /sbin/service to run commands with root privileges. Public advisories (RHSA-2006:0015, RHSA-2006:0016) and CentOS/...

CVE-2005-3629

initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors...

Moderate: Red Hat Security Advisory: initscripts security update

An updated initscripts package that fixes a privilege escalation issue and several bugs is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The initscripts package contains the basic system scripts used to boot your Red Hat system...

security flaw

initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors...

CVE-2005-3629

initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors...

PT-2000-1038 · Unknown · Initscripts

Name of the Vulnerable Software and Affected Versions: initscripts affected versions not specified Description: The issue allows local users to gain privileges via a symlink attack. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...