World Writable .server_pids File Vulnerability in Veritas Volume Manager

World Writable .server_pids File Vulnerability in Veritas Volume Manager

CVE-2000-0494 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Veritas Volume Manager creates a world writable .server_pids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsa_server script.

Learn more about our Cis Benchmark Audit For Server Software.