Bugtraq mailing list archives
symlink bug in tin/rtin
From: nr () C64 ORG (NetRunner)
Date: Sat, 29 Mar 1997 17:45:24 +0100
Small bug I discovered in the unix NEWS reader tin/rin. Then a user run rtin/tin a user-list will be created in /tmp/.tin_log with mode 0666. and if a user makes a symlink from /etc/passwd (or any file) to /tmp/.tin_log and root or another user with uid 0 runs rtin/tin, tin will follow the symlink to /etc/passwd and change the mode to 0666. I hope no admin's are stupid enough to run rtin/tin as uid 0. :-) /NetRunner nr () c64 org
Current thread:
- buffer over in hp-ux 10.20 kernel C0WZ1LL4 () NETSPACE ORG (Mar 21)
- Re: New Sendmail bug Jeffrey Moyer (Mar 24)
- Re: New Sendmail bug Gonzo Granzeau (Mar 24)
- Re: New Sendmail bug Claude Scarpelli (Mar 25)
- Latest IE FIX from MS is a HOAX Aaron Spangler (Mar 25)
- Re: Latest IE FIX from MS is a HOAX Michael H. Warfield (Mar 25)
- ANNOUNCE : NTCrack v1.0 Jonathan Wilkins (Mar 27)
- There are more loopholes in LPD Patrick Powell (Mar 28)
- symlink bug in tin/rtin NetRunner (Mar 29)
- Re: symlink bug in tin/rtin Nelson Murilo (Mar 29)
- ANNOUNCE : NTCrack v2.0 Jonathan Wilkins (Mar 29)
- Re: New Sendmail bug Gonzo Granzeau (Mar 24)
- more sendmail poop *Hobbit* (Mar 25)
- Reported Sendmail 8.8.4 Exploit gshapiro () SENDMAIL ORG (Mar 25)
- minor vulnerability in ELM Dmitry E. Kim (Mar 26)
- FreeBSD-SA-97:02: Buffer overflow in lpd Aleph One (Mar 26)
- Re: New Sendmail bug Jeffrey Moyer (Mar 24)
- Cisco 2509/2511 Albert Siersema (Mar 24)
- Re: Cisco 2509/2511 Dan Brown (Mar 24)
- Re: Cisco 2509/2511 Erdinc KAYA (Mar 24)