PT-2006-2263 · Ibm · Aix
Published
2006-04-19
·
Updated
2018-10-18
·
CVE-2006-1247
CVSS v2.0
3.3
Low
| Vector | AV:L/AC:M/Au:N/C:N/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
AIX versions 5.1.0 through 5.3.0
Description
The issue allows local users to overwrite arbitrary files via a symlink attack on temporary files, specifically through the
rm mlcache file function in bos.rte.install.Recommendations
For AIX versions 5.1.0 through 5.3.0, consider restricting access to the
rm mlcache file function in bos.rte.install to prevent local users from overwriting arbitrary files until a patch is available.Fix
Link Following
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Aix