CVE-2012-3440

NONE EPSS 34.9%
Published Aug 8, 201213y ago · Modified Jun 16, 20262w ago
Find Similar
Published Aug 8, 2012 13y ago
Last Modified Jun 16, 2026 2w ago

Description

A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file.

Threat Intelligence

EPSS Exploit Probability
34.9% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-59

Affected Products 2

VendorProductVersionRange
todd_millersudo1.7.2any
redhatenterprise_linux5any

References 3

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.