Bugtraq mailing list archives
Re: [BUG] Vulnerability in PKGTOOL
From: JLarmour () origin-at co uk (Jonathan Larmour)
Date: Tue, 27 Aug 1996 18:30:41 +0100
At 09:57 27/08/96 -0400, Paul Nash wrote: [snip]
On the same note tin creates /tmp/.tin_log mode 666 aswell.. It's vulnerable to symlinks aswell.
However it doesn't complain if root creates /tmp/.tin_log mode 000, so that's the easiest quick-fix, although take care when clearing /tmp. Jonathan L. Origin UK, 323 Cambridge Science Park, Cambridge, England. CB4 4WG. Tel: +44 (1223) 423355 Fax: +44 (1223) 420724 E-mail: guess... -------[ Do not think that every sad-eyed woman has loved and lost... ]------ -----------------------[ she may have got him. -Anon ]----------------------- These opinions are all my own fault.
Current thread:
- [BUG] Vulnerability in PKGTOOL Sean B. Hamor (Aug 26)
- Re: [BUG] Vulnerability in PKGTOOL Paul Nash (Aug 27)
- rlogin bug and buffer overflow thoughts Laslo Orto (Aug 28)
- <Possible follow-ups>
- Re: [BUG] Vulnerability in PKGTOOL Jonathan Larmour (Aug 27)
- Re: [BUG] Vulnerability in PKGTOOL Paul Nash (Aug 27)