The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
freebsd freebsd 4.11 |
||
freebsd freebsd 5.1 |
||
freebsd freebsd 5.3 |
||
freebsd freebsd 4.10 |
||
freebsd freebsd 5.0 |
||
freebsd freebsd 6.0 |
||
freebsd freebsd 5.4 |
||
freebsd freebsd 5.2 |
||
freebsd freebsd 5.2.1 |
Vulmon