Bugtraq mailing list archives
Re: /bin/ksh creates insecure tmp files
From: "J.A. Gutierrez" <spd () GTC1 CPS UNIZAR ES>
Date: Thu, 21 Dec 2000 11:39:00 +0200
Demonstration (ksh is vulnerable if the size of silly.1 is changed):
Vulnerable: Version M-11/16/88f-beta4 (IRIX 6.2, patchSG0002882) Version 11/16/88f (IRIX 6.5.5) Version M-11/16/88f (IRIX 6.5.7) Version 11/16/88 (HP-UX B.09.00) Version M-11/16/88f (Tru64 5.0) Version M-11/16/88i (Solaris 7) Version 11/16/88i (Solaris 2.5) Not vulnerable: Version 1993-12-28 j (ast-ksh.2000-06-01 (ATT), Linux) Version M-11/16/88i (Solaris 8) Version 11/16/88 (HP-UX B.11.00) -- finger spd () gtc1 cps unizar es for PGP / So be easy and free .mailcap tip of the day: / when you're drinking with me application/ms-tnef; cat '%s' > /dev/null / I'm a man you don't meet every day text/x-vcard; cat '%s' > /dev/null / (the pogues)
Current thread:
- /bin/ksh creates insecure tmp files Paul Szabo (Dec 20)
- Re: /bin/ksh creates insecure tmp files J.A. Gutierrez (Dec 21)
- Re: /bin/ksh creates insecure tmp files Greg A. Woods (Dec 21)