• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

SCO OpenServer Insecure Temporary File Vulnerabilities

SCO has released an advisory for OpenServer 5.0.5 which addresses multiple instances of scripts creating temporary files insecurely. These issues could be exploited by a local attacker to corrupt files via symbolic link attacks. Since there are many scripts which are prone to this behavior, it is more than likely that one of these scripts could allow an attack to corrupt files with custom data, resulting in elevated privileges.

These issues were addressed with the release of OpenServer 5.0.6.