• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Sysstat Isag Temporary File Creation Vulnerability

The Sysstat Isag command is prone to an issue that may allow malicious local users to corrupt system files, most likely resulting in loss of data or a denial of service.

The source of this vulnerability is that the utility creates temporary files in an insecure manner, facilitating creation of malicious symbolic links in the /tmp directory.