Symlink Attack Vulnerability in Symantec AntiVirus Scan Engine for Red Hat Linux

CVE-2004-0217 · HIGH Severity

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.