CVE-2007-3849 Information

Description

Red Hat Enterprise Linux (RHEL) 5 ships the rpm for the Advanced Intrusion Detection Environment (AIDE) before 0.13.1 with a database that lacks checksum information which allows context-dependent attackers to bypass file integrity checks and modify certain files.

Reference

http://osvdb.org/40439 http://secunia.com/advisories/26711 http://www.redhat.com/support/errata/RHSA-2007-0539.html http://www.securityfocus.com/bid/25542 http://www.securitytracker.com/id?1018652 https://bugzilla.redhat.com/show_bug.cgi?id=236923 https://exchange.xforce.ibmcloud.com/vulnerabilities/36452 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10217