AIX techlibss符号链接漏洞

漏洞信息详情

AIX techlibss符号链接漏洞

• CNNVD编号：CNNVD-200001-027
• 危害等级： 低危
  
  
• CVE编号：
  CVE-2000-0080
  
• 漏洞类型：
  
  
  其他
  
• 发布时间：
  
  2000-01-10
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2005-05-02
  
• 厂        商：
  
  ibm
• 漏洞来源：
  First posted to Bu…

AIX techlibss存在漏洞。本地用户可以借助符号链接攻击覆盖文件。

The following was taken from Klaus Kusche’s Bugtraq post regarding a fix:
The problem is fixed with the fileset “techlib.service.rte.1.0.0.4” on the service CD for Jan 2000.
If you have installed an older version of “techlib.service.rte”, upgrade manually (following the instructions on the CD cover), because that fileset is not updated automatically, even if you choose to automatically update all installed AIX filesets from the CD.
@ooe.gv.at>

来源: BID
名称: 931
链接:http://www.securityfocus.com/bid/931

来源: BUGTRAQ
名称: 20000110 2nd attempt: AIX techlibss follows links
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=94757136413681&w=2