PT-2012-1514 · Ibm · Invscout.Rte
Jakub Wartak
·
Published
2012-01-04
·
Updated
2017-08-17
·
CVE-2011-1384
CVSS v2.0
4.0
Medium
| Vector | AV:L/AC:H/Au:N/C:N/I:C/A:N |
Name of the Vulnerable Software and Affected Versions
invscout.rte versions prior to 2.2.0.19
Description
The issue allows local users to delete arbitrary files or trigger inventory scout operations on arbitrary files via a symlink attack. This is related to the bin/invscoutClient VPD Survey and sbin/invscout lsvpd programs.
Recommendations
For invscout.rte versions prior to 2.2.0.19, update to version 2.2.0.19 or later to resolve the issue.
Fix
Link Following
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Invscout.Rte