CVE-2000-0336

Description

Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.

Affected products

• mandrakesoft / mandrake_linux6.1 – 6.1
• mandrakesoft / mandrake_linux7.0 – 7.0
• openldap / openldap1.2.8 – 1.2.8
• openldap / openldap1.2.7 – 1.2.7
• openldap / openldap1.2.9 – 1.2.9
• openldap / openldap1.2.10 – 1.2.10
• RedHat / linux6.1 – 6.1
• RedHat / linux6.1 – 6.1
• RedHat / linux6.1 – 6.1
• RedHat / linux6.2 – 6.2
• RedHat / linux6.2 – 6.2
• RedHat / linux6.2 – 6.2
• turbolinux / turbolinux4.2 – 4.2
• turbolinux / turbolinux4.4 – 4.4
• turbolinux / turbolinux6.0.2 – 6.0.2

References

• MISChttp://www.redhat.com/support/errata/RHSA-2000-012.html
• MISChttp://www.turbolinux.com/pipermail/tl-security-announce/2000-May/000009.html
• MISChttp://www.securityfocus.com/bid/1232
• MISCftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-009.0.txt