CVE-2005-1270

Name of the Vulnerable Software and Affected Versions: Rootkit Hunter versions prior to 1.2.3-r1

Description: The issue concerns the creation of temporary files with predictable file names by the check update.sh and rkhunter script in Rootkit Hunter. This predictability allows local users to perform a symlink attack, enabling them to overwrite arbitrary files.

Recommendations: For versions prior to 1.2.3-r1, update to version 1.2.3-r1 or later to resolve the issue. As a temporary workaround, consider restricting access to the check update.sh and rkhunter script to minimize the risk of exploitation.