Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PatchLink Update client for Unix, as used by Novell ZENworks Patch Management Update Agent for Linux/Unix/Mac (LUM) 6.2094 through 6.4102 and other products, allows local users to (1) truncate arbitrary files via a symlink attack on the /tmp/patchlink.tmp file used by the logtrimmer script, and (2) execute arbitrary code via a symlink attack on the /tmp/plshutdown file used by the rebootTask script.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PatchLink Update多个不安全的临时文件创建漏洞
Vulnerability Description
Linux/Unix/Mac (LUM) 6.2094至 6.4102 和其他可能的产品的Novell ZENworks Patch Management Update Agent 所使用的Unix PatchLink Update client会允许本地用户(1)通过对logtrimmer脚本所运用的/tmp/patchlink.tmp 文件中的一个符号链接攻击来修改任意文件,和 (2)通过对rebootTask脚本所运行的/tmp/plshutdown文件中的一个符号链接攻击来执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A