wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allows local users to truncate arbitrary files via a symlink attack on the alarmwkp.def file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ingres database server 2.6 |
||
ingres database server r3 |
||
ingres database server 9.0.4 |
||
ingres database server 2.5 |