CVE-2012-3440
Red Hat Enterprise Linux 5 sudo Script - Arbitrary File Overwrite via Symlink Attack on Temporary File
Title source: llmDescription
A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
Exploit x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=844442
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/54868
Scores
EPSS
0.0043
EPSS Percentile
34.6%
Details
CWE
CWE-59
Status
published
Products (2)
redhat/enterprise_linux
5
todd_miller/sudo
1.7.2
Published
Aug 08, 2012
Tracked Since
Feb 18, 2026