Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
| Software | From | Fixed in |
|---|---|---|
| redhat / linux | 5.2 | 5.2.x |
| redhat / linux | 6.0 | 6.0.x |
| redhat / linux | 6.1 | 6.1.x |
| redhat / linux | 6.2 | 6.2.x |
| redhat / linux | 6.2e | 6.2e.x |
| caldera / openlinux | - | - |
| hp / hp-ux | 11.11 | 11.11.x |
| suse / suse_linux | 7.0 | 7.0.x |
| mandrakesoft / mandrake_linux | 6.0 | 6.0.x |
| mandrakesoft / mandrake_linux | 6.1 | 6.1.x |
| mandrakesoft / mandrake_linux | 7.0 | 7.0.x |
| mandrakesoft / mandrake_linux | 7.1 | 7.1.x |
| mandrakesoft / mandrake_linux | 7.2 | 7.2.x |
| caldera / openlinux_eserver | 2.3 | 2.3.x |
| caldera / openlinux_edesktop | 2.4 | 2.4.x |
| conectiva / linux | 4.0 | 4.0.x |
| conectiva / linux | 4.0es | 4.0es.x |
| conectiva / linux | 4.1 | 4.1.x |
| conectiva / linux | 4.2 | 4.2.x |
| conectiva / linux | 5.0 | 5.0.x |
| conectiva / linux | 5.1 | 5.1.x |
| immunix / immunix | 6.2 | 6.2.x |