Back to search
CVE-2006-2221
Published: May 5, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
A third-party installer generation tool, possibly BitRock InstallBuilder, as used in products including Process-one ejabberd 1.1.1_1 and earlier, generates an installer that allows local users to cause a denial of service via a symlink attack on the bitrock_installer.log temporary file. NOTE: it is possible that this vulnerability is present in other products that use this installer.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
17804
vdb-entry
x_refsource_BID
19954
third-party-advisory
x_refsource_SECUNIA
20060502 Ejabberd : Symlink vulnerability during installation process
mailing-list
x_refsource_BUGTRAQ
20060503 Re: Ejabberd : Symlink vulnerability during installation process
mailing-list
x_refsource_BUGTRAQ
ejabberd-bitrockinstaller-symlink(26221)
vdb-entry
x_refsource_XF
installbuilder-bitrockinstaller-symlink(26261)
vdb-entry
x_refsource_XF
19928
third-party-advisory
x_refsource_SECUNIA
ADV-2006-1642
vdb-entry
x_refsource_VUPEN
ADV-2006-1659
vdb-entry
x_refsource_VUPEN
25215
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now