A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file.
CPE | Name | Operator | Version |
---|---|---|---|
enterprise_linux | eq | 5 | |
sudo | eq | 1.7.2 |