IBM Lotus Notes for Linux Multiple Insecure File Permission Vulnerabilities
Submitted by Ty on November 29, 2007 - 9:00am.
Multiple vulnerabilities have been identified in IBM Lotus Notes for Linux, which could be exploited by malicious users to bypass security restrictions and potentially compromise a vulnerable system. These issues are caused due to insecure permissions being set on extracted binaries and the installdata file when executing the installer program, which could be exploited by a local attacker to modify arbitrary files such that subsequent installs performed by the root user could deploy malicious content or code to end user systems.