CVE-2009-4454
VideoCache 1.9.2’s vccleaner component is vulnerable to a local symlink attack that allows a user with Squid proxy privileges to overwrite arbitrary files via /var/log/videocache/vccleaner.log. The root cause is a symlink-related path handling flaw in vccleaner.log handling, enabling a local atta...