VULHUB ™

It has been reported that IBM UniVerse may not properly create filesystem links. Attackers may be able to take advantage of the insecure usage of linking functions to create and delete files. Because the vulnerable binary is installed with suid root privileges, unprivileged users may perform these operations with elevated privileges. While this vulnerability was reported in UniVerse version 10.0.0.9, previous versions are likely vulnerable as well.

It has been reported that IBM UniVerse may not properly create filesystem links. Attackers may be able to take advantage of the insecure usage of linking functions to create and delete files. Because the vulnerable binary is installed with suid root privileges, unprivileged users may perform these operations with elevated privileges. While this vulnerability was reported in UniVerse version 10.0.0.9, previous versions are likely vulnerable as well.