Computer Associates InoculateIT Symbolic Link File Overwriting Vulnerability

InoculateIT is an anti-virus software package distributed by Computer Associates.

A problem in the software may make it possible for a local user to overwrite any file on the system. When the installation directions are followed, ftpdownload is executed daily at 0100 and creates the temporary file /tmp/ftpdownload.log. If a symbolic link to an arbitrary file is created at that path beforehand, the file it points to is overwritten with a wget log file.

This makes it possible for a local user to deny service to any legitimate user of the system.
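
An added example, not part of the original advisory or the vendor's code: an open of a predictable file name that follows a planted symbolic link, beside an open that refuses it. The function names and the mkdtemp() scratch directory are assumptions made for illustration; only the log file name comes from the advisory.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak pattern: fixed name plus O_TRUNC. open() follows a symlink planted
 * at `path`, so the file the link points to is truncated and overwritten. */
int open_log_unsafe(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
}

/* Hardened pattern: O_EXCL fails if any entry (a symlink included) already
 * exists at `path`; O_NOFOLLOW also refuses a symlink as the last component. */
int open_log_safe(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Constructed scenario in a private mkdtemp() directory: a 14-byte file and
 * a symlink named ftpdownload.log pointing at it. Returns its size afterwards. */
long protected_size_after_open(int use_safe)
{
    char dir[] = "/tmp/symlink-demo-XXXXXX", target[64], logp[64];
    struct stat st;
    FILE *f;
    long size = -1;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/protected", dir);
    snprintf(logp, sizeof logp, "%s/ftpdownload.log", dir);
    f = fopen(target, "w");
    if (f) { fputs("important data", f); fclose(f); }   /* 14 bytes */
    if (f && symlink(target, logp) == 0) {
        int fd = use_safe ? open_log_safe(logp) : open_log_unsafe(logp);
        if (fd >= 0) close(fd);
        if (stat(target, &st) == 0) size = (long)st.st_size;
    }
    unlink(logp);
    unlink(target);
    rmdir(dir);
    return size;
}

int main(void)
{
    printf("unsafe: %ld, safe: %ld\n", protected_size_after_open(0), protected_size_after_open(1));
    return 0;
}
```

On Linux, the fs.protected_symlinks sysctl adds a system-wide mitigation for symbolic links in sticky world-writable directories such as /tmp.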


