Security Alert: Critical Vulnerabilities Red Hat Enterprise Linux
Two new vulnerabilities (CVE-2015-3245, and CVE-2015-3246) have been announced for Red Hat Enterprise Linux (RHEL) version 5, 6, and 7. The IT Security Office urges any system administrators running RHEL to apply the software updates for these vulnerabilities as soon as possible. By leveraging these flaws, a local user could add a new administrative (root) user to the system password file and elevate their privilege level.
CIT TDX ID: