May 28, 2001

InoculateIT has Linux vulnerability

Author: JT Smith

Posted at Net-security.org: "I believe there is a vulnerability in InoculateIT for
Linux, and probably other Unix versions of InoculateIT,
which allows local non-root users to delete any file on
the system, and under some circumstances to overwrite any
file on the system, next time the 'update_signature' is
run by root. If the recommendations in the documentation
are followed, this will happen every day at 1am."

Category:

  • Linux
Click Here!