VULHUB ™

InnoculateIT is a anti-virus software package distributed by Computer Associates. A problem in the software may make it possible for a local user to overwrite any file on the system. When the directions are followed for installation, ftpdownload is executed daily at 0100, creating temporary file /tmp/ftpdownload.log. It is possible to create a symbolic link to an arbitrary file, which will overwrite the file with a wget log file. This makes it possible for a local user to deny service to any legitimate user of the system.

InnoculateIT is a anti-virus software package distributed by Computer Associates. A problem in the software may make it possible for a local user to overwrite any file on the system. When the directions are followed for installation, ftpdownload is executed daily at 0100, creating temporary file /tmp/ftpdownload.log. It is possible to create a symbolic link to an arbitrary file, which will overwrite the file with a wget log file. This makes it possible for a local user to deny service to any legitimate user of the system.