The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechanism in the daemon in Verlihub 0.9.8d-RC2 and previous versions allows local users to overwrite arbitrary files via a symlink attack on the /tmp/trigger.tmp temporary file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
verlihub-project verlihub 0.9.8d |