2 matches found
CVE-2008-4970
runiozone in lustre 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/iozone.log temporary file...
CVE-2008-4970
CVE-2008-4970 affects the Lustre file system: the runiozone component on Lustre 1.6.5 allows a local user to overwrite arbitrary files through a symlink race against the temporary file /tmp/iozone.log. The underlying issue is a local-file overwrite via a symlink attack. Exploitation is local and ...