Directory Traversal Vulnerability in Radvd Allows Arbitrary File Overwrite

Directory Traversal Vulnerability in Radvd Allows Arbitrary File Overwrite

CVE-2011-3602 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:P

Directory traversal vulnerability in device-linux.c in the router advertisement daemon (radvd) before 1.8.2 allows local users to overwrite arbitrary files, and remote attackers to overwrite certain files, via a .. (dot dot) in an interface name. NOTE: this can be leveraged with a symlink to overwrite arbitrary files.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.