CVE-2009-2904
MEDIUM severity · CVSS 6.9 · CWE-16
6.9CVSS MEDIUM
Summary
A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership.
Impact & exploitability
Attack vectorLocal
Attack complexity—
Privileges required—
User interaction—
Confidentiality impact—
Integrity impact—
Availability impact—
Exploit probability (EPSS)0%
AV:L/AC:M/Au:N/C:C/I:C/A:C
Affected products we track (1)
Recommendation
Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.
Additional information
- NVD record
- http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038214.html
- http://lists.vmware.com/pipermail/security-announce/2010/000082.html
- http://osvdb.org/58495
- http://secunia.com/advisories/38794
- http://secunia.com/advisories/38834
- http://secunia.com/advisories/39182
- http://www.securityfocus.com/bid/36552
- http://www.vupen.com/english/advisories/2010/0528