CVE-2001-0823

Name of the Vulnerable Software and Affected Versions Performance Co-Pilot (PCP) versions prior to 2.2.1-3

Description The issue allows a local user to gain privileges via a symlink attack on the NOTICES file in the PCP log directory. This is achieved by exploiting the pmpost program.

Recommendations For versions prior to 2.2.1-3, update to version 2.2.1-3 or later to resolve the issue. As a temporary workaround, consider restricting access to the NOTICES file in the PCP log directory to minimize the risk of exploitation.