CVE-2004-0481
Solaris 8-9 - Arbitrary File Corruption via KCMS Logging Symlink Attack
Title source: llmDescription
The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary files via a symlink attack on the KCS_ClogFile file.
References (2)
Core 2
Core References
Patch, Vendor Advisory third-party-advisory
x_refsource_idefense
http://www.idefense.com/application/poi/display?id=206&type=vulnerabilities
Patch, Vendor Advisory vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57706-1
Scores
EPSS
0.0005
EPSS Percentile
16.9%
Details
Status
published
Products (3)
sun/solaris
8.0
sun/solaris
9.0 (2 CPE variants)
sun/sunos
5.8
Published
Feb 23, 2005
Tracked Since
Feb 18, 2026