Red Hat Bugzilla – Bug 165758
CAN-2005-1751 shtool insecure temporary file creation
Last modified: 2014-08-31 19:27:49 EDT
+++ This bug was initially created as a clone of Bug #165757 +++
Race condition in shtool 2.0.1 and earlier allows local users to
create or modify arbitrary files via a symlink attack on the
.shtool.$$ temporary file.
openldap for FC3 and FC4 contains shtool in its source.
The shtool in openldap does not exercise the code path which contains this bug.