Symlink Attack Vulnerability in Multiple Unix Shell Programs

Symlink Attack Vulnerability in Multiple Unix Shell Programs

CVE-2000-1134 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.

Learn more about our User Device Pen Test.