CVE-2012-3440
NONE EPSS 34.9%
Published Aug 8, 201213y ago · Modified Jun 16, 20262w ago
Published Aug 8, 2012 13y ago
Last Modified Jun 16, 2026 2w ago
Description
A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file.
Threat Intelligence
EPSS Exploit Probability
34.9% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-59
Affected Products 2
| Vendor | Product | Version | Range |
|---|---|---|---|
| todd_miller | sudo | 1.7.2 | any |
| redhat | enterprise_linux | 5 | any |
References 3
- oracle.com http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- securityfocus.com http://www.securityfocus.com/bid/54868
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=844442
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.