script command in the util-linux package prior to 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kernel util-linux |
||
avaya cvlan |
||
avaya interactive response |
||
avaya integrated management suit |
||
avaya intuity lx |
||
avaya message networking |
||
avaya messaging storage server |