The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Kerberos_5 | Mit | 1.3.4 (including) | 1.3.4 (including) |
Red Hat Enterprise Linux 3 | RedHat | krb5-0:1.2.7-38 | * |