OVAL Repository - View Definition: oval:org.mitre.oval:def:4047

OVAL Repository > View Definition

View Definition

NEW SEARCH : BACK

Definition Id: oval:org.mitre.oval:def:4047		Version: 2 Last Modified: 2006-07-03
Title:	Shell Redirect Symlink Attack Vulnerability
Description:	Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
Family:	unix	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2000-1134
Platform(s):	Sun Solaris 7 Sun Solaris 8	Product(s):	Bourne Shell (sh) Bourne Again Shell (bash) TENEX C Shell (tcsh) C Shell (csh) Korn Shell (ksh)
Definition Synopsis:
Solaris 7 or 8 installed Solaris 7 Installed OR Solaris 8 Installed AND NOT Patches 108574-03, 108162-04, and 108416-02 or later installed Patch 108574-03 or later installed AND Patch 108162-04 or later installed AND Patch 108416-02 or later installed AND NOT Patches 110943-01, 110898-02, and 109324-03 or later installed Patch 110943-01 or later installed AND Patch 110898-02 or later installed AND Patch 109324-03 or later installed

NEW SEARCH : BACK

OVAL Repository

About the Repository

OVAL Repository Forum

Author’s Resources

Items of Interest