CVE-2002-0793 Information

Description

Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow local users to overwrite arbitrary files via (1) the -f argument to the monitor utility (2) the -d argument to dumper (3) the -c argument to crttrap or (4) using the Watcom sample utility.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-05/0292.html http://www.iss.net/security_center/static/9231.php http://www.securityfocus.com/bid/4901 http://www.securityfocus.com/bid/4902 http://www.securityfocus.com/bid/4903 http://www.securityfocus.com/bid/4904 https://exchange.xforce.ibmcloud.com/vulnerabilities/9232 https://exchange.xforce.ibmcloud.com/vulnerabilities/9233 https://exchange.xforce.ibmcloud.com/vulnerabilities/9234