Julien L

Name of the Vulnerable Software and Affected Versions: sysstat versions 5.1.2 through 7.1.6 Description: The issue is related to the creation of an insecure script by the init script `sysstat.in` in sysstat, allowing local users to execute arbitrary code. This can potentially lead to unauthorized access to confidential data, disruption of data integrity, and denial of service. Recommendations: For sysstat versions 5.1.2 through 7.1.6, consider restricting access to the `sysstat.in` script until a secure version is available. As a temporary workaround, avoid using the `sysstat.in` script to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** avast! 4 Linux Home Edition version 1.0.5 **Description** The issue allows local users to modify permissions of arbitrary files via a symlink attack on the /tmp/ avast4 temporary directory. **Recommendations** For avast! 4 Linux Home Edition version 1.0.5, consider restricting access to the /tmp/ avast4 directory to prevent symlink attacks until a patch is available.