AIX bellmail Race Condition Privilege Escalation

Network Security News – Monday, May 23, 2005 Events

AIX bellmail Race Condition Privilege Escalation

AIX contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the bellmail program creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.. Read more at osvdb.org/16735