Bugtraq mailing list archives

[ Hackerslab bug_paper ] HP-UX crontab temporary file symbolic li nk

From: perrycnd () WELLSFARGO COM
Date: Fri, 3 Nov 2000 19:15:12 -0700

Tested on HP10.20 - vulnerable
        Solaris 2.5.1 - not vulnerable
        Dec 4.0d - not vulnerable

perrycnd () wellsfargo com

File : /usr/bin/crontab

SYSTEM : HP-UX

           Tested in HP-UX 11.00

INFO :

There is a vulneribility in "crontab" which allows users to read all files

without attaining root or file ownership privileges.

Current thread:

[ Hackerslab bug_paper ] HP-UX crontab temporary file symbolic li nk perrycnd (Nov 04)
- Re: [ Hackerslab bug_paper ] HP-UX crontab temporary file symbolic li nk Ann Cantelow (Nov 06)