VULHUB ™

ISS Internet Security Scanner for Linux (version 5.3) install.iss security hole is vulnerable to the standard tmp-symlink attack. Not much exploit potential here, as noted by Fyodor, but this problem raises serious questions about the overall integrity of proprietary ISS software that is distributed in binary form only.

ISS Internet Security Scanner for Linux (version 5.3) install.iss security hole is vulnerable to the standard tmp-symlink attack. Not much exploit potential here, as noted by Fyodor, but this problem raises serious questions about the overall integrity of proprietary ISS software that is distributed in binary form only.