New Search

Security Vulnerability in rm(1) may Lead to Unauthorized Deletion of Files or Directories

oval:org.mitre.oval:def:8272

Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted which causes rm to chdir to a ".." directory that is higher than expected possibly up to the root file system a related issue to CVE-2002-0435.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Sun Solaris 10
  • Sun Solaris 9
  • Sun Solaris 8
Class:
vulnerability
Reference(s):
  • CVE-2007-0895
Product(s):