Veritas Volume Manager creates a world writable .server_pids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsa_server script.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
symantec veritas volume manager 3.0.2 |
||
symantec veritas volume manager 3.0.3 |
||
symantec veritas volume manager 3.0.4 |