CVE-2006-5163 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-5163
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-5163

Description: IBM Informix Dynamic Server 10.UC3RC1 Trial for Linux and possibly other versions creates /tmp/installserver.txt with insecure permissions, which allows local users to append data to arbitrary files via a symlink attack.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/29300 http://xforce.iss.net/xforce/xfdb/29297 SREASON http://securityreason.com/securityalert/1686 SAID Secunia Advisory: SA22223 OSVDB 29349 FULLDISC http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0013.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/447501/100/0/threaded BID 20300

Return to the previous page.