The SSL certificate setup program (genSslCert.sh) in Standards Based Linux Instrumentation for Manageability (SBLIM) sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /var/tmp/key.pem, (2) /var/tmp/cert.pem, and (3) /var/tmp/ssl.cnf temporary files.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2009-02-03T23:00:00
Updated: 2009-02-12T10:00:00
Reserved: 2009-02-03T00:00:00
Link: CVE-2009-0416
JSON object: View
NVD Information
Status : Modified
Published: 2009-02-03T23:30:01.047
Modified: 2009-02-20T06:47:30.703
Link: CVE-2009-0416
JSON object: View
Redhat Information
No data.
CWE