CVE-2011-3602
EPSS 0.23%Published: 4/27/2014Modified: 4/28/2026
Description
Directory traversal vulnerability in device-linux.c in the router advertisement daemon (radvd) before 1.8.2 allows local users to overwrite arbitrary files, and remote attackers to overwrite certain files, via a .. (dot dot) in an interface name. NOTE: this can be leveraged with a symlink to overwrite arbitrary files.
Affected packages (1)
- Debian/radvdfrom 0, < 1:1.8-1.1