Symlink Attack

2019-05-0204:59:13

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.0004 Low

EPSS

Percentile

5.1%

JSON

ibutils is vulnerable to symlink attack. A flaw was found in the way ibutils handled temporary files. A local attacker could use this flaw to cause arbitrary files to be overwritten as the root user via a symbolic link attack.

CPENameOperatorVersion
librdmacmeq1.0.15__2.el6
librdmacmeq1.0.10__2.el6
librdmacmeq1.0.14.1__3.el6
librdmacmeq1.0.17__0.git4b5c1aa.el6
openmpieq1.4.1__4.3.el6
openmpieq1.5.3__3.el6
openmpieq1.5.4__1.el6
openmpieq1.4.3__1.1.el6
mpitestseq3.2__2.el6
mpitestseq3.2__4.el6

Name	Operator	Version
librdmacm	eq	1.0.15__2.el6
librdmacm	eq	1.0.10__2.el6
librdmacm	eq	1.0.14.1__3.el6
librdmacm	eq	1.0.17__0.git4b5c1aa.el6
openmpi	eq	1.4.1__4.3.el6
openmpi	eq	1.5.3__3.el6
openmpi	eq	1.5.4__1.el6
openmpi	eq	1.4.3__1.1.el6
mpitests	eq	3.2__2.el6
mpitests	eq	3.2__4.el6