Race condition vulnerability in the rmtree function via a symlink attack in Apple Mac OS X (II)ID: oval:org.secpod.oval:def:3837 | Date: (C)2012-01-20 (M)2021-09-30 |
Class: VULNERABILITY | Family: macos |
The host is installed with Apple Mac OS X server before 10.5.8 and is prone to a race condition vulnerability. A flaw is present in the application, which fails to properly handle symbolic links. Successful exploitation could allow local user with write access to a directory that is being deleted may cause arbitrary files to be removed with the privileges of the perl process
Platform: |
Apple Mac OS X 10.5 |
Apple Mac OS X Server 10.5 |