CVE-2002-0887

Description

scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files.

Affected products

• caldera / openserver5.0.5 – 5.0.5
• caldera / openserver5.0.6 – 5.0.6

References

• MAILING_LISThttp://marc.info/?l=bugtraq&m=99057164129869&w=2
• MISChttp://www.iss.net/security_center/static/9210.php
• MISChttp://www.securityfocus.com/bid/4875
• MISCftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.22/CSSA-2002-SCO.22.txt