Oval Definition:	oval:org.mitre.oval:def:6440
Revision Date: 2010-01-11 Version: 2 Title: Red Hat dhcpd init Script Symlink Flaw Lets Local Users Gain Elevated Privileges Description: The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2009-1893 Platform(s): VMWare ESX Server 3 VMWare ESX Server 3.5 Product(s): Definition Synopsis AND VMWare ESX Server 3.0.3 is installed AND Patch ESX303-200910402-SG is not installed OR VMware ESX Server 3.5.0 is installed AND All patches must be installed to not be vulnerable Patch ESX350-200910406-SG is not installed OR Patch ESX350-200910401-SG is not installed
BACK