CVE-2016-1611

Name of the Vulnerable Software and Affected Versions Novell Filr versions 1.2 before Hot Patch 6 Novell Filr versions 2.0 before Hot Patch 2

Description The issue allows local users to gain privileges by replacing the content of a specific file with arbitrary shell commands, due to world-writable permissions for /etc/profile.d/vainit.sh.

Recommendations For Novell Filr version 1.2, apply Hot Patch 6 to resolve the issue. For Novell Filr version 2.0, apply Hot Patch 2 to resolve the issue. As a temporary workaround, consider restricting write access to the /etc/profile.d/vainit.sh file until a patch is applied.