cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files.Referenceshttp://marc.info/?l=bugtraq&m=105839150004682&w=2http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0025.html
