CVE-2004-0267

Name of the Vulnerable Software and Affected Versions eTrust InoculateIT for Linux version 6.0

Description The issue allows local users to overwrite arbitrary files via a symlink attack on files in /tmp, specifically through the inoregupdate, uniftest, or unimove scripts.

Recommendations For eTrust InoculateIT for Linux version 6.0, consider restricting access to the inoregupdate, uniftest, and unimove scripts to prevent local users from exploiting the symlink attack vulnerability. As a temporary workaround, restrict write access to sensitive files and directories that could be targeted by the attack.