CVE-2004-0559 Information

Description

The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory.

Reference

http://secunia.com/advisories/12488/ http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml http://www.securityfocus.com/bid/11153 http://www.webmin.com/uchanges-1.089.html https://exchange.xforce.ibmcloud.com/vulnerabilities/17299