Vulners
Lucene search
Sun Workshop 5.0 Licensing Manager Symlink Vulnerability
source: http://www.securityfocus.com/bid/998/info
A vulnerability exists in the installation of licenses for Sun's WorkShop 5.0 compilers, and other Sun products which use the FlexLM license management system. As part of the installation process, the 'lit' program is run. This program insecurely creates files in /var/tmp. This can be used to create files owned by root, with known contents. The file will be created with root's umask, which by default is 0022.
Lit is not part of Globetrotter's FlexLM distribution. It is a license installation tool supplied by Sun for convenience purposes. This vulnerability does not represent a vulnerability in lmgrd, but a flaw in the license installation process. Running lmgrd as a user other than root, while a good idea, will not eliminate this problem.
ln -sf /.rhost /var/tmp/license_errors
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
01 Jul 2014 00:00Current
7.1High risk
Vulners AI Score7.1