CVE-2005-2582

Name of the Vulnerable Software and Affected Versions Kaspersky Anti-Virus for Unix/Linux File Servers version 5.0-5

Description The issue concerns world-writable permissions for the log and license directory. This allows local users to delete log files, append to arbitrary files via a symlink attack on kavmonitor.log, or delete license keys, which can prevent keepup2date from executing properly.

Recommendations For version 5.0-5, consider changing the permissions of the log and license directories to prevent world-writable access, and restrict access to these directories to minimize the risk of exploitation.