CVE-2004-0217 Information

Description

The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.

Reference

http://marc.info/?l=bugtraq&m=107694800908164&w=2 http://www.securityfocus.com/bid/9662 https://exchange.xforce.ibmcloud.com/vulnerabilities/15215