The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary files via a symlink attack on the KCS_ClogFile file.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Solaris | Sun | 8.0 (including) | 8.0 (including) |
Solaris | Sun | 9.0 (including) | 9.0 (including) |
Sunos | Sun | 5.8 (including) | 5.8 (including) |