CVE-2006-5163

Name of the Vulnerable Software and Affected Versions IBM Informix Dynamic Server version 10.UC3RC1 Trial for Linux

Description The issue allows local users to append data to arbitrary files via a symlink attack, due to insecure permissions of the /tmp/installserver.txt file created by the software.

Recommendations For IBM Informix Dynamic Server version 10.UC3RC1 Trial for Linux, consider changing the permissions of the /tmp/installserver.txt file to prevent local users from appending data to arbitrary files via a symlink attack. As a temporary workaround, restrict access to the /tmp directory to minimize the risk of exploitation.