aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
suse suse linux 6.1 |
||
suse suse linux 6.2 |
||
suse suse linux 6.3 |
||
suse suse linux 6.0 |
||
suse suse linux 6.4 |