Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

AfterStep asfsm tmp hole

From: kris () SNOW UTORONTO CA (Kristofer Coward)
Date: Tue, 25 Aug 1998 01:06:51 -0400

The disk usage monitor that comes with AfterStep (asfsm) overwrites
/usr/tmp/statfs regularly as whoever launched it, allowing the typical
symlink crap we've come to expect, including a possible DoS if run as
root.

Kris Coward
kris () snow utoronto ca
Previous By Date Next
Previous By Thread Next

Current thread: