Description
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
Affected products
- caldera / openlinux_desktop2.3 – 2.3
- caldera / openlinux_edesktop2.4 – 2.4
- caldera / openlinux_eserver2.3 – 2.3
- Debian / debian_linux2.2 – 2.2
- Debian / debian_linux2.2 – 2.2
- Debian / debian_linux2.2 – 2.2
- Debian / debian_linux2.2 – 2.2
- Debian / debian_linux2.2 – 2.2
- immunix / immunix7.0_beta – 7.0_beta
- mandrakesoft / mandrake_linux6.0 – 6.0
- mandrakesoft / mandrake_linux6.1 – 6.1
- mandrakesoft / mandrake_linux7.1 – 7.1
- mandrakesoft / mandrake_linux7.2 – 7.2
- mandrakesoft / mandrake_linux7.0 – 7.0
- RedHat / linux7.0 – 7.0
References
- MAILING_LISThttp://marc.info/?l=bugtraq&m=97916374410647&w=2
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/5916
- MISChttp://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3
- MISChttp://www.securityfocus.com/bid/2190
- VENDOR_ADVISORYhttp://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt