The redirect_stderr function in xnbd_common.c in xnbd-server and xndb-wrapper in xNBD 0.1.0 allow local users to overwrite arbitrary files via a symlink attack on /tmp/xnbd.log.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Xnbd | Bitbucket | 0.1.0-pre (including) | 0.1.0-pre (including) |