oss-sec mailing list archives
Re: CVE-2020-7040: storeBackup: denial of service and symlink attack vector via fixed lockfile path /tmp/storeBackup.lock
From: Nick Boyce <nick.boyce () gmail com>
Date: Tue, 21 Jan 2020 17:36:25 +0000
On Mon, 20 Jan 2020 at 13:42, Matthias Gerstner <mgerstner () suse de> wrote:
storeBackup [1] is a tool for performing disk-to-disk backups.
[...]
[1]: http://storebackup.org
Er ... when I looked just now, the page at that URL began :
How to Create Cryptocurrency – Simple Strategy
and continued:
Everyone is aware of the bitcoin which is the cryptocurrency trending in the world of IT
In "the world of IT" we are instantly wondering who exactly has written this webpage about a backup utility .... Should we tell the site owner his site may have been stolen ? Matthias ? Cheers, Nick
Current thread:
- CVE-2020-7040: storeBackup: denial of service and symlink attack vector via fixed lockfile path /tmp/storeBackup.lock Matthias Gerstner (Jan 20)
- Re: CVE-2020-7040: storeBackup: denial of service and symlink attack vector via fixed lockfile path /tmp/storeBackup.lock Nick Boyce (Jan 21)