Definition Id: oval:org.mitre.oval:def:4047
Oval ID: oval:org.mitre.oval:def:4047
Title: Shell Redirect Symlink Attack Vulnerability
Description: Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
Family: unix Class: vulnerability
Reference(s): CVE-2000-1134
Version: 2
Platform(s): Sun Solaris 7
Sun Solaris 8
Product(s): Bourne Shell (sh)
Bourne Again Shell (bash)
TENEX C Shell (tcsh)
C Shell (csh)
Korn Shell (ksh)
Definition Synopsis: