script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
References
Link | Resource |
---|---|
http://seclists.org/bugtraq/2001/Dec/0122.html | Mailing List Third Party Advisory |
http://seclists.org/bugtraq/2001/Dec/0123.html | Mailing List Third Party Advisory |
http://secunia.com/advisories/16785 | Broken Link |
http://secunia.com/advisories/18502 | Broken Link |
http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm | Third Party Advisory |
http://www.redhat.com/support/errata/RHSA-2005-782.html | Broken Link Vendor Advisory |
http://www.securityfocus.com/bid/16280 | Broken Link Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/7718 | Third Party Advisory VDB Entry |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10723 | Broken Link |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-06-21T04:00:00
Updated: 2017-10-10T00:57:01
Reserved: 2005-06-21T00:00:00
Link: CVE-2001-1494
JSON object: View
NVD Information
Status : Analyzed
Published: 2001-12-31T05:00:00.000
Modified: 2024-01-26T17:16:52.537
Link: CVE-2001-1494
JSON object: View
Redhat Information
No data.
CWE