2 matches found
CVE-2001-1066
The CVE-2001-1066 issue affects the Netscape 6.0.1 installation script on Solaris (and related versions) where the installer creates a temporary, predictably named file in a world-writable /tmp directory without proper existence/ownership checks. This enables a local attacker to perform a symlink...
CVE-2001-1066
ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack...