CVE-2016-9595

Summary

A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files.

Affected Software

VendorProductVersion RangeStatus
Foremankatello-debug3.4.0affected

Weaknesses

  • CWE-377: CWE-377

ADP Enrichment

CVE Program Container

Additional References

References