CVE-2008-4832 - OpenCVE

rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Rpath	Linux Appliance Platform Linux Service Initscripts

Configuration 1 [-]

AND

OR	cpe:2.3:a:rpath:initscripts:8.12-8.21:::::::*
	cpe:2.3:a:rpath:initscripts:8.56.15-0.1:::::::*

OR	cpe:2.3:o:rpath:appliance_platform_linux_service:1:::::::*
	cpe:2.3:o:rpath:appliance_platform_linux_service:2:::::::*
	cpe:2.3:o:rpath:linux:1:::::::*
	cpe:2.3:o:rpath:linux:2:::::::*

References

Link	Resource
http://secunia.com/advisories/32710
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0318
https://exchange.xforce.ibmcloud.com/vulnerabilities/46700
https://issues.rpath.com/browse/RPL-2857

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2008-11-17T23:00:00

Updated: 2017-08-07T12:57:01

Reserved: 2008-10-31T00:00:00

Link: CVE-2008-4832

JSON object: View

NVD Information

Status : Modified

Published: 2008-11-17T23:30:00.467

Modified: 2017-08-08T01:32:57.563

Link: CVE-2008-4832

JSON object: View

Redhat Information

No data.

CWE

CWE-59

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-11-12T00:00:00", "descriptions": [{"lang": "en", "value": "rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "32710", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32710"}, {"name": "rpath-initscripts-rcsysinit-symlink(46700)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46700"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-2857"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0318"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-4832", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "32710", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32710"}, {"name": "rpath-initscripts-rcsysinit-symlink(46700)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46700"}, {"name": "https://issues.rpath.com/browse/RPL-2857", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-2857"}, {"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0318", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0318"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-4832", "datePublished": "2008-11-17T23:00:00", "dateReserved": "2008-10-31T00:00:00", "dateUpdated": "2017-08-07T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rpath:initscripts:8.12-8.21:*:*:*:*:*:*:*", "matchCriteriaId": "332AE477-DD2E-4012-9DFD-EC9A2FD5294C", "vulnerable": true}, {"criteria": "cpe:2.3:a:rpath:initscripts:8.56.15-0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6887AA0A-EF95-4723-B059-C098935C60CF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:rpath:appliance_platform_linux_service:1:*:*:*:*:*:*:*", "matchCriteriaId": "23EA5FFA-702B-49D1-AF5F-518DE7FA6099", "vulnerable": false}, {"criteria": "cpe:2.3:o:rpath:appliance_platform_linux_service:2:*:*:*:*:*:*:*", "matchCriteriaId": "55F9B489-0F83-4812-A2CA-A7607E7BCEAA", "vulnerable": false}, {"criteria": "cpe:2.3:o:rpath:linux:1:*:*:*:*:*:*:*", "matchCriteriaId": "A2B66383-4124-4579-BC8E-36DBE7ABB543", "vulnerable": false}, {"criteria": "cpe:2.3:o:rpath:linux:2:*:*:*:*:*:*:*", "matchCriteriaId": "48D2FD6E-C9C1-4DF0-9F01-E869FA97B153", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time."}, {"lang": "es", "value": "rc.sysinit en el paquete initscripts en sus versiones 8.12-8.21 y 8.56.15-0.1 de rPath permite a usuarios locales borrar archivos arbitrarios a trav\u00e9s de un ataque de seguimiento de enlace simb\u00f3licos sobre un directorio bajo (1) /var/lock o (2) /var/run. NOTA: Este problema existe debido a una condici\u00f3n de carrera en una incorrecta soluci\u00f3n a la vulnerabilidad CVE-2008-3524. NOTA: La explotaci\u00f3n podr\u00e1 exigir un escenario inusual en el que se ejecuta rc.sysinit en un momento distinto al arranque del sistema."}], "id": "CVE-2008-4832", "lastModified": "2017-08-08T01:32:57.563", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-11-17T23:30:00.467", "references": [{"source": "cve@mitre.org", "url": "http://secunia.com/advisories/32710"}, {"source": "cve@mitre.org", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0318"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46700"}, {"source": "cve@mitre.org", "url": "https://issues.rpath.com/browse/RPL-2857"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}]}