Symlink Attack Vulnerability in KCMS Logging Feature

Symlink Attack Vulnerability in KCMS Logging Feature

CVE-2004-0481 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary files via a symlink attack on the KCS_ClogFile file.

Learn more about our Cis Benchmark Audit For Oracle Solaris.