CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-4832

rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 4.0%

CVSS Severity

CVSS v2 Score 6.9

References

Products affected by CVE-2008-4832

Rpath » Initscripts » Version: 8.12-8.21

cpe:2.3:a:rpath:initscripts:8.12-8.21
Rpath » Initscripts » Version: 8.56.15-0.1

cpe:2.3:a:rpath:initscripts:8.56.15-0.1
Rpath » Appliance Platform Linux Service » Version: 1

cpe:2.3:o:rpath:appliance_platform_linux_service:1
Rpath » Appliance Platform Linux Service » Version: 2

cpe:2.3:o:rpath:appliance_platform_linux_service:2
Rpath » Linux » Version: 1

cpe:2.3:o:rpath:linux:1
Rpath » Linux » Version: 2

cpe:2.3:o:rpath:linux:2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-4832

Products

Pricing

Contact Us