Bugtraq mailing list archives
AIX/Gradient iFOR/LS bug: follows symlinks
From: schuma () GAERTNER DE (Joerg Schumacher)
Date: Mon, 9 Feb 1998 23:32:45 +0100
AIX 4.1 includes the iFOR/LS (formerly known as NetLS) license server from Gradient Technologies. Some parts of this system (NCS, server and client libs) use a cache file (/tmp/last_uuid, mode 0666), which will be created on the fly if missing. The code has the classical file open bug: it will happily follow any symlink.

I guess IBM and Gradient had their chance to fix this bug, since I reported it back in December 1996 (no typo, more than a year ago). IIRC, HP-UX had (and may still have) this bug too.

Some complaints:

to IBM: I guess it's time to review the APAR process wrt security. Having a security related bug hanging around for more than a year at low priority is definitely a bad thing.

to IBM-ERS: I've submitted a Cc of my original bug report to ers-tech () vnet ibm com but I never got any feedback. Granted, you don't want us to send any reports via email, but this "small planet" isn't small enough to let me call you via phone for free.

to DFN-CERT: Where have you been? No tracking seen despite my Cc.

Thanks to Troy Bollinger (troy () austin ibm com) for pointing out some other insecurely created temporary files.

Regards,
Joerg
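The "classical file open bug" the post refers to, illustrated as an added example (this is not the NCS or iFOR/LS code, and nothing here is IBM's or Gradient's fix). A privileged process creates a predictable, world-writable file under /tmp with a plain open(O_CREAT); an unprivileged attacker pre-places a symlink at that name, and the privileged write lands in whatever the link points to. The hardened variant below is an assumed, generic mitigation: O_NOFOLLOW (a flag that was not portably available on 1998-era systems; the contemporary alternative was to stop using a predictable /tmp name at all) plus an fstat() on the descriptor actually obtained. The scratch directory, the victim file and the cache name `last_uuid` are constructed for the demonstration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* The pattern described in the post: a cache file is created on the
 * fly if missing, and open() follows whatever already sits at that
 * path. If an attacker has planted a symlink there, the privileged
 * writer clobbers the link's target instead of creating a cache. */
int open_cache_unsafe(const char *path)
{
    return open(path, O_RDWR | O_CREAT, 0666);
}

/* Hardened variant (added here, not the vendor's fix):
 *  - O_NOFOLLOW refuses a symlink at the final path component
 *    (open fails with ELOOP), so the planted link is never followed;
 *  - O_CLOEXEC keeps the descriptor out of any child process;
 *  - fstat() on the descriptor we actually hold (no lstat/open race)
 *    and insist on a regular file, owned by us, with a single link,
 *    so a FIFO, device, hard link or someone else's file is rejected;
 *  - mode 0600 instead of 0666: a cache that everyone may write is
 *    a problem in its own right, independent of symlinks. */
int open_cache_safe(const char *path)
{
    int fd = open(path, O_RDWR | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0600);
    if (fd < 0)
        return -1;                     /* errno == ELOOP for a symlink */
    struct stat st;
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode)
        || st.st_uid != geteuid() || st.st_nlink != 1) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Demonstration: build the attack in a scratch directory standing in
 * for /tmp and check three things. Returns 1 if the unsafe open wrote
 * through the symlink, the safe open refused it, and the safe open
 * still creates the cache once the link is gone; 0 if any of those
 * fails; -1 on a setup error. */
int demo_symlink_attack(void)
{
    char dir[] = "/tmp/iforls_demo_XXXXXX";     /* constructed scratch dir */
    if (mkdtemp(dir) == NULL)
        return -1;
    char victim[512], cache[512];
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(cache, sizeof cache, "%s/last_uuid", dir);

    /* The victim: a file the attacker wants overwritten. */
    int vfd = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (vfd < 0 || write(vfd, "original", 8) != 8)
        return -1;
    close(vfd);

    /* The attacker plants the link before the server creates its cache. */
    if (symlink(victim, cache) < 0)
        return -1;

    /* 1. Vulnerable open follows the link; the write lands in victim. */
    int fd = open_cache_unsafe(cache);
    if (fd >= 0) {
        if (write(fd, "clobbered", 9) != 9) { close(fd); return -1; }
        close(fd);
    }
    char buf[32] = {0};
    vfd = open(victim, O_RDONLY);
    if (vfd < 0)
        return -1;
    ssize_t n = read(vfd, buf, sizeof buf - 1);
    close(vfd);
    int clobbered = (n == 9 && memcmp(buf, "clobbered", 9) == 0);

    /* 2. Hardened open refuses the planted link with ELOOP. */
    errno = 0;
    int sfd = open_cache_safe(cache);
    int refused = (sfd < 0 && errno == ELOOP);
    if (sfd >= 0)
        close(sfd);

    /* 3. With no link in the way, the hardened open creates the cache. */
    unlink(cache);
    sfd = open_cache_safe(cache);
    int created = (sfd >= 0);
    if (sfd >= 0)
        close(sfd);

    unlink(cache);
    unlink(victim);
    rmdir(dir);
    return (clobbered && refused && created) ? 1 : 0;
}

int main(void)
{
    int r = demo_symlink_attack();
    printf("symlink demo: %s\n", r == 1 ? "unsafe open clobbered victim, safe open refused"
                                         : "unexpected result");
    return r == 1 ? 0 : 1;
}
```

The fstat() check matters even with O_NOFOLLOW: the flag only stops a symlink at the last component, so a file the attacker already owns, a hard link, or a FIFO at the cache path would otherwise be accepted. Checking the descriptor after open() avoids the lstat-then-open race that a pre-check would introduce. None of this addresses the underlying design problem the post points at, a fixed, predictable, mode-0666 path in a shared directory; a per-user cache location or mkstemp()-style unique naming removes the attacker's ability to pre-place anything at all.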