Phase:IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file.
ReferencesBUGTRAQ:Thursday, April 15, 1999 FSA-99.04-IPFILTER-v3.2.10 | URL:http://www.securityfocus.com/archive/1/13303 | XF:ipfilter-temp-file(2087) | URL:http://xforce.iss.net/static/2087.php
Votes:Proposed (Wednesday, September 12, 2001)
Comments: ACCEPT(2) Cole, Frech | NOOP(2) Wall, Foat
F7: