Bugtraq mailing list archives
Re: [BUG] Vulnerability in PKGTOOL
From: security () plato oneworld net (Paul Nash)
Date: Tue, 27 Aug 1996 09:57:54 -0400
A problem exists in the way PKGTOOL handles the /tmp/PKGTOOL.REMOVED logfile. This logfile is created mode 666, which allows any user to write to it. Although this file is usually created the first time PKGTOOL is run and can't be removed by normal users, a problem develops if root or the owner of the logfile deletes it for some reason or if PKGTOOL has never been run before.
On the same note tin creates /tmp/.tin_log mode 666 as well. It's vulnerable to symlinks as well.

-Paul

Paul Nash                v. 617 267 2440
Systems Administrator    f. 617 267 2008
One World Network
14 Claremont Park
Boston, MA. 02118

And the days are not full enough
And the nights are not full enough
And life slips by like a field mouse
not disturbing the grass.
    -Ezra Pound
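Added example, not part of the original posts and not code from PKGTOOL or tin: one way a program can open a log file in a world-writable directory such as /tmp without the mode 666 and symlink problems reported above for /tmp/PKGTOOL.REMOVED and /tmp/.tin_log. The function name open_log_safely and the default path in main are hypothetical.

```c
/* Added example: defensive open of a log file in a shared directory. */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for O_NOFOLLOW */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open `path` for appending and return a descriptor, or -1 on refusal.
 * Refuses symlinks, non-regular files, hard-linked files, files owned by
 * another user, and files writable by group or other. */
int open_log_safely(const char *path)
{
    struct stat st;
    int fd;

    /* Try to create the file ourselves, mode 0600 instead of 0666.
     * O_EXCL fails with EEXIST on any existing name, including a
     * dangling symlink, so nothing is ever created through a link. */
    fd = open(path, O_WRONLY | O_APPEND | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0 && errno == EEXIST)   /* already there: open, never follow */
        fd = open(path, O_WRONLY | O_APPEND | O_NOFOLLOW);
    if (fd < 0)
        return -1;

    /* Inspect the object actually opened (fstat on the descriptor),
     * not the name, so the check cannot be raced. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() || st.st_nlink != 1 ||
        (st.st_mode & (S_IWGRP | S_IWOTH)) != 0) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

int main(int argc, char **argv)
{
    const char *path = argc > 1 ? argv[1] : "./example.log"; /* constructed */
    int fd = open_log_safely(path);
    if (fd < 0) {
        perror("refusing to use log file");
        return 1;
    }
    dprintf(fd, "log opened safely\n");
    return close(fd) == 0 ? 0 : 1;
}
```

A per-user or root-only log directory avoids the shared /tmp name altogether; the checks above are for programs that must keep a fixed path there.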
Current thread:
- [BUG] Vulnerability in PKGTOOL Sean B. Hamor (Aug 26)
- Re: [BUG] Vulnerability in PKGTOOL Paul Nash (Aug 27)
- rlogin bug and buffer overflow thoughts Laslo Orto (Aug 28)
- <Possible follow-ups>
- Re: [BUG] Vulnerability in PKGTOOL Jonathan Larmour (Aug 27)
- Re: [BUG] Vulnerability in PKGTOOL Paul Nash (Aug 27)