Steve Grubb discovered a flaw in Utempter which allowed device names
containing directory traversal sequences such as '/../'. In
combination with an application that trusts the utmp or wtmp files,
this could allow a local attacker the ability to overwrite privileged
files using a symlink.
CAN-2004-0233 Affects: 3AS 3ES 3WS
CAN-2004-0233 Affects: 2.1AS 2.1AW 2.1ES 2.1WS
Was made public on April 19th 2004
An errata has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
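
The flaw described at the top of this report is a device name that is accepted even though it contains a traversal sequence such as '/../'. The following is an added example, not code from Utempter or from the errata: a hypothetical helper, `is_safe_device_name`, that assumes legitimate terminal devices live under `/dev/` and uses an arbitrary length bound of 64 bytes.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not utempter's code): accept a terminal device
 * name only if it is an absolute path under /dev/ whose components
 * are all non-empty and none is "." or "..". */
#define DEV_PREFIX "/dev/"
#define DEV_MAXLEN 64   /* assumed upper bound for this example */

int is_safe_device_name(const char *dev)
{
    size_t plen = strlen(DEV_PREFIX);
    const char *p, *end;

    if (dev == NULL || strlen(dev) >= DEV_MAXLEN)
        return 0;
    if (strncmp(dev, DEV_PREFIX, plen) != 0)
        return 0;

    /* Walk each path component after the /dev/ prefix. */
    for (p = dev + plen; ; p = end + 1) {
        size_t n;
        end = strchr(p, '/');
        n = end ? (size_t)(end - p) : strlen(p);
        if (n == 0)                               /* "//" or trailing "/" */
            return 0;
        if (n == 1 && p[0] == '.')                /* "." */
            return 0;
        if (n == 2 && p[0] == '.' && p[1] == '.') /* ".." */
            return 0;
        if (end == NULL)
            break;
    }
    return 1;
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *samples[] = { "/dev/pts/3", "/dev/tty1",
        "/dev/../tmp/link", "/dev/pts/../../etc/passwd", "/tmp/x", "/dev/" };
    size_t i;
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-28s %s\n", samples[i],
               is_safe_device_name(samples[i]) ? "accept" : "reject");
    return 0;
}
```

This is a string check only; it does not resolve symlinks, so an application that trusts utmp or wtmp entries still has to validate the path it finally opens.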