AIX logsymptom Insecure Temporary File Creation Vulnerability

AIX logsymptom Insecure Temporary File Creation Vulnerability

Under certain versions of AIX the logsymptom program creates non-random, writeable files in the /tmp directory. These files can be linked to so that an intruder may leverage a symlink attack. Because logsymptom is executed as root, the attacker may overwrite any file on the filesystem.