source: wwwsecurityfocuscom/bid/988/info
A symlink following vulnerability exists in the ARCserve agent, as shipped with SCO Unixware 7 Upon startup, the asagent program will create several files in /tmp These are created mode 777, and can be removed and replaced by any user on the system If these are replaced with symlinks, files can ...