PT-2005-4122 · Bmc · Control-M

Scott Cromar

Published

2005-10-25

Updated

2016-10-18

CVE-2005-3311

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions BMC Software Control-M version 6.1.03

Description The issue allows local users to overwrite arbitrary files via a symlink attack on temporary files. This can potentially lead to unauthorized access or modification of sensitive data.

Recommendations For version 6.1.03, consider restricting access to temporary files to prevent symlink attacks until a patch is available. As a temporary workaround, monitor file system activity closely to detect potential unauthorized file modifications.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-3311

Affected Products

Control-M

PT-2005-4122 · Bmc · Control-M

CVE-2005-3311

Related Identifiers

Affected Products

References · 5