iscsi_discovery in open-iscsi in SUSE openSUSE 10.3 through 11.1 and SUSE Linux Enterprise (SLE) 10 SP2 and 11, and other operating systems, allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file that has a predictable name.
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Suse_linux | Novell | 10-sp2 (including) | 10-sp2 (including) |
Suse_linux | Novell | 11 (including) | 11 (including) |
Opensuse | Opensuse | 10.3 (including) | 10.3 (including) |
Opensuse | Opensuse | 11.1 (including) | 11.1 (including) |
Open-iscsi | Ubuntu | hardy | * |
Open-iscsi | Ubuntu | intrepid | * |
Open-iscsi | Ubuntu | jaunty | * |
Open-iscsi | Ubuntu | karmic | * |
Open-iscsi | Ubuntu | upstream | * |