CVE-2002-0296

Description

The installation of Tarantella Enterprise 3 allows local users to overwrite arbitrary files via a symlink attack on the "spinning" temporary file.

Affected products

• tarantella / tarantella_enterprise3.0 – 3.0
• tarantella / tarantella_enterprise3.01 – 3.01
• tarantella / tarantella_enterprise3.10 – 3.10
• tarantella / tarantella_enterprise3.11 – 3.11
• tarantella / tarantella_enterprise3.20 – 3.20

References

• MAILING_LISThttp://marc.info/?l=bugtraq&m=101467193803592&w=2
• MISChttp://archives.neohapsis.com/archives/bugtraq/2002-02/0187.html
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/8223
• MISChttp://www.securityfocus.com/bid/4115