CVE-2008-4832

NONE EPSS 20.0%
Published Nov 17, 200817y ago · Modified Jun 16, 20262w ago
Find Similar
Published Nov 17, 2008 17y ago
Last Modified Jun 16, 2026 2w ago

Description

rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time.

Threat Intelligence

EPSS Exploit Probability
20.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-59

Affected Products 6

VendorProductVersionRange
rpathinitscripts8.12-8.21any
rpathinitscripts8.56.15-0.1any
rpathappliance_platform_linux_service1any
rpathappliance_platform_linux_service2any
rpathlinux1any
rpathlinux2any

References 4

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.