Description
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
Affected products
- caldera / openlinux1.2 – 1.2
- Debian / debian_linux2.0 – 2.0
- Debian / debian_linux2.0 – 2.0
- Debian / debian_linux2.1 – 2.1
- NetBSD / netbsd1.3.3 – 1.3.3
- RedHat / linux5.1 – 5.1
- SUSE / suse_linux5.3 – 5.3