Directory Service Multiple Unprivileged Instance Permissions Issue in Red Hat
CVE-2011-0022
Currently unrated
Summary
The setup scripts in Red Hat Directory Server versions 1.2.x (also known as 389 Directory Server 8.2.x) are configured with overly permissive 0777 permissions for the /var/run/dirsrv directory. This misconfiguration enables local users to compromise the service by replacing PID files within this directory, potentially leading to a denial of service scenario through daemon outages or arbitrary process terminations.
References
Timeline
Vulnerability published
Vulnerability Reserved