Symlink Attack Vulnerability in Cfengine by Cfengine
CVE-2005-3137
Currently unrated
Summary
The cfmailfilter and cfcron.in files in Cfengine 1.6.5 are susceptible to a symlink attack, allowing local users to overwrite arbitrary files by exploiting temporary files. This raises significant security concerns as attackers can manipulate file system permissions and compromise system integrity. Prompt patching and proper permission management are essential to mitigate this risk.
References
Timeline
Vulnerability published
Vulnerability Reserved