CVE-2007-3103

Fedoraproject Fedora Core - Symlink Following

Title source: rule

Description

The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by vl4dZ · bashlocallinux

https://www.exploit-db.com/exploits/5167

View Code ZIP pw:eip

References (22)

[Issue Tracking] http://bugs.gentoo.org/show_bug.cgi?id=185660

[Issue Tracking] https://issues.rpath.com/browse/RPL-1485

[Issue Tracking] http://bugzilla.redhat.com/242903

[Patch] http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=557

[Third Party Advisory, VDB Entry] http://osvdb.org/40945

[Vendor Advisory] http://secunia.com/advisories/26056

[Vendor Advisory] http://secunia.com/advisories/26081

[Vendor Advisory] http://secunia.com/advisories/26282

[Vendor Advisory] http://secunia.com/advisories/27240

[Vendor Advisory] http://secunia.com/advisories/35674

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2007-0519.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2007-0520.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/24888

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/35375

[Vendor Advisory] https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00095.html

[Vendor Advisory] https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00096.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/473869/100/0/threaded

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/5167

[Third Party Advisory] http://www.debian.org/security/2007/dsa-1342

[Third Party Advisory] http://security.gentoo.org/glsa/glsa-200710-11.xml

... and 2 more

Scores

EPSS 0.0008

EPSS Percentile 23.8%

Details

CWE

CWE-59

Status published

Products (4)

fedoraproject/fedora_core 6.0

redhat/enterprise_linux 4.0 (3 CPE variants)

redhat/enterprise_linux_desktop 4.0

redhat/linux

Published Jul 15, 2007

Tracked Since Feb 18, 2026