CWE-59

A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial’s path-checking logic and write files outside a repository.

Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the “TempICProgressDell_InventoryCollector_Progress.xml” to any targeted file. This issue occurs because permissions on the Temp directory were set incorrectly.

Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the “TempICICDebugLog.txt” to any targeted file. This issue occurs because of insecure handling of Temp directory permissions that were set incorrectly.

The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). This allowed local attackers with control over a path that is traversed by chkstat to escalate privileges.