Description
The (1) inoregupdate, (2) uniftest, or (3) unimove scripts in eTrust InoculateIT for Linux 6.0 allow local users to overwrite arbitrary files via a symlink attack on files in /tmp.
Affected products
- Broadcom / inoculateit6.0 – 6.0
References
- VENDOR_ADVISORYhttp://secunia.com/advisories/10833
- MISChttp://www.osvdb.org/4735
- VENDOR_ADVISORYhttp://www.excluded.org/advisories/advisory10.txt
- MAILING_LISThttp://marc.info/?l=bugtraq&m=107635584431518&w=2
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/15102
- MISChttp://www.securityfocus.com/bid/9616
- MISChttp://www.osvdb.org/4855
- MISChttp://www.osvdb.org/4856