Local File Overwrite Vulnerability in InoculateIT by Computer Associates
CVE-2001-0625

Currently unrated

Key Information:

Vendor: Broadcom
Status: Inoculateit
Vendor: CVE Published:; 22 August 2001

What is CVE-2001-0625?

The ftpdownload component in Computer Associates InoculateIT version 6.0 is susceptible to a local file overwrite vulnerability. This occurs when an attacker exploits a symlink attack against the /tmp/ftpdownload.log file. By manipulating symbolic links, an unauthorized local user can overwrite arbitrary files, potentially leading to significant disruption or unauthorized data changes. It underscores the importance of secure file handling in software design.

References

http://archives.neohapsis.com/archives/bugtraq/2001-05/02...

mailing-listx_refsource_BUGTRAQ

http://www.osvdb.org/1843

vdb-entryx_refsource_OSVDB

https://exchange.xforce.ibmcloud.com/vulnerabilities/6607

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Aug 22, 2001
Vulnerability Reserved
Jul 27, 2001

Broadcom

What is CVE-2001-0625?

References

Timeline