Description
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.
Affected products
- Debian / debian_linux2.2 – 2.2
- Debian / debian_linux2.2 – 2.2
- Debian / debian_linux2.2 – 2.2
- Debian / debian_linux2.2 – 2.2
- Debian / debian_linux2.2 – 2.2
- Debian / debian_linux2.2 – 2.2
- immunix / immunix7.0_beta – 7.0_beta
- mandrakesoft / mandrake_linux6.0 – 6.0
- mandrakesoft / mandrake_linux6.1 – 6.1
- mandrakesoft / mandrake_linux7.0 – 7.0
- mandrakesoft / mandrake_linux7.1 – 7.1
- mandrakesoft / mandrake_linux7.2 – 7.2
- mandrakesoft / mandrake_linux_corporate_server1.0.1 – 1.0.1
- RedHat / linux7.0 – 7.0