CVE-2001-0625

Name of the Vulnerable Software and Affected Versions: Computer Associates InoculateIT version 6.0

Description: The issue allows a local attacker to overwrite arbitrary files via a symlink attack on the /tmp/ftpdownload.log file. This is related to the ftpdownload component in the affected software.

Recommendations: For Computer Associates InoculateIT version 6.0, consider restricting access to the ftpdownload component to minimize the risk of exploitation. As a temporary workaround, avoid using the ftpdownload functionality until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.