CVE-2002-0430 Information

Description

MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and overwrite arbitrary files via a symlink attack on a temporary file followed by a request to MultiFileUpload.php.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-03/0081.html http://www.securityfocus.com/bid/4252