Bugtraq mailing list archives
Filesystem DoS on SCO Openserver 5
From: tim () INFORIS RU (Tim Kutergin)
Date: Mon, 21 Sep 1998 14:56:32 +0400
Hi All !
It seems that I have been hit by bug in HTFS filesystem on SCO
Openserver 5. The problem is that You could do unlink("..") and this
operation will be successful (if You have permissions) corrupting
filesystem. I have discovered this anomaly when investigating constant
system crashes when users were deleting mailboxes in Cyrus imap server
1.5.2 There was bad code in imapd that was trying to delete ".." when
removing mailbox (newer versions of imapd are fixed). So usual user may
severely damage filesystem by doing unlink("..") in subdirectories, where
hi has permissions to do this. I had reported this bug to SCO, but they
replied that I have problems with hardware.
Sorry for bad English
Timofey
Current thread:
- Re: Locate overflow / Promiscuous mode / Posting tips Crispin Cowan (Sep 20)
- Filesystem DoS on SCO Openserver 5 Tim Kutergin (Sep 21)
- Re: Locate overflow / Promiscuous mode / Posting tips Wolfram Schneider (Sep 21)