Bugtraq mailing list archives
Re: [SECURITY VULNERABILITY] lmgrd startup script
From: mharrigan () cisco com (Matthew G. Harrigan)
Date: Fri, 9 Aug 1996 14:13:50 -0700
At 12:45 PM 8/9/96 -0500, you wrote:
Look at how lmgrd is started through /etc/rc2.d/S85lmgrd: $licdir/${lmgrd} -c $licdir/$licfile >> /tmp/license_log 2>&1 & The system is vulnerable to attacks that link /tmp/license_log to some non-existent system file such as /.rhosts making it world writable the next time the machine is rebooted.
Actually, it would make any file vulnerable, even if it existed since the rc command appends and does not create (>>). Matt Matthew G. Harrigan |cisco Systems Internet Systems Engineer |mharrigan () cisco com -------------------------------|408-527-3852 (x63582) "640K ought to be enough for |Email Pager: anybody. " - Bill Gates, 1981 |mharrigan () airnote net
Current thread:
- Re: [SECURITY VULNERABILITY] lmgrd startup script Matthew G. Harrigan (Aug 09)
- <Possible follow-ups>
- Re: [SECURITY VULNERABILITY] lmgrd startup script David Evans (Aug 09)