CVE-2009-1893 — Link Following in Dhcp

CWE-59 — Link Following CWE-377 — Insecure Temporary File5 documents5 sources

Severity

6.9MEDIUMNVD

EPSS

0.1%

top 76.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ISC Dhcp Redhat Enterprise Linux

Timeline

PublishedJul 17

Latest updateMay 2

Description

The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages1 packages

▶NVDisc/dhcp3.0.1

Also affects: Enterprise Linux 3.0

🔴Vulnerability Details

GHSA

GHSA-45mc-hh26-869m: The configtest function in the Red Hat dhcpd init script for DHCP 3↗2022-05-02

▶

CVEList

CVE-2009-1893: The configtest function in the Red Hat dhcpd init script for DHCP 3↗2009-07-17

▶

📋Vendor Advisories

Red Hat

dhcp: insecure temporary file use in the dhcpd init script↗2009-07-14

▶

💬Community

Bugzilla

CVE-2009-1893 dhcp: insecure temporary file use in the dhcpd init script↗2009-07-07

▶