Symlink Attack Vulnerability in Sun Management Center for Solaris 8
CVE-2001-1479

Currently unrated

Key Information:

Vendor: Oracle
Status: Management\+center
Vendor: CVE Published:; 31 December 2001

What is CVE-2001-1479?

The smcboot tool in Sun Management Center 2.0 for Solaris 8 contains a vulnerability that allows local users to manipulate symlinks to delete arbitrary files. This exploit occurs via the application’s use of the temporary directory /tmp/smc$SMC_PORT, which can be compromised to perform unauthorized file deletions. Proper access controls and file handling are essential to mitigate these risks.

References

http://www.securiteam.com/unixfocus/6K00S203FC.html

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/7756

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/3763

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Jun 21, 2005
Vulnerability published
Dec 31, 2001

Oracle

What is CVE-2001-1479?

References

Timeline