The Linux Security Auditing Tool (LSAT) allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using /tmp/lsat1.lsat.
Link | Tags |
---|---|
http://secunia.com/advisories/24526 | third party advisory vendor advisory |
http://www.securityfocus.com/bid/23014 | vdb entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/33057 | vdb entry |
http://osvdb.org/34267 | vdb entry |
http://security.gentoo.org/glsa/glsa-200703-20.xml | vendor advisory |
http://bugs.gentoo.org/show_bug.cgi?id=159542 |