header-logo
Suggest Exploit
vendor:
xfsdump
by:
SecurityFocus
7.2
CVSS
HIGH
Symbolic Link Attack
36
CWE
Product Name: xfsdump
Affected Version From: Irix 5.x
Affected Version To: Irix 6.x
Patch Exists: No
Related CWE: N/A
CPE: o:sgi:irix
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Irix
1999

Symbolic Link Attack

The xfsdump program shipped with Irix 5.x and 6.x from SGI contains a vulnerability which could lead to root compromise. By creating a log file in /usr/tmp called bck.log, a user could create a symbolic link from this file to any file they wish to be created as root. This is turn could be used to compromise the system.

Mitigation:

Restrict access to the /usr/tmp directory and ensure that only trusted users have access to it.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/472/info

The xfsdump program shipped with Irix 5.x and 6.x from SGI contains a vulnerability which could lead to root compromise. By creating a log file in /usr/tmp called bck.log, a user could create a symbolic link from this file to any file they wish to be created as root. This is turn could be used to compromise the system.

ln -sf /.rhosts /usr/tmp/bck.log

Navigation

Suggest Exploit

Services By CQR