IBM AIX Temporary File Creation Vulnerability

IBM AIX is prone to a vulnerability because it creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files which may result in a denial of service or gaining elevated privileges on the affected computer.

IBM AIX versions 5.3, 6.1, and 7.1 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus