Re: [ Hackerslab bug_paper ] HP-UX crontab temporary file symbolic li nk

[Ann Cantelow <cantelow () ATLAS CSD NET>]

We found Dec/Compaq unpatched 4.0d vulnerable, but it was pointed out to
us that 4.0d with recommended patches is not vulnerable.  4.0g is not
vulnerable in our test, and we've been told 4.0f is not vulnerable.

Ann Cantelow


On Fri, 3 Nov 2000 perrycnd () WELLSFARGO COM wrote:

> Tested on HP10.20 - vulnerable
>       Solaris 2.5.1 - not vulnerable
>       Dec 4.0d - not vulnerable
>
> perrycnd () wellsfargo com
>
>
>
> > File : /usr/bin/crontab
> >
> > SYSTEM : HP-UX
> >
> >            Tested in HP-UX 11.00
> >
> > INFO :
> >
> > There is a vulneribility in "crontab" which allows users to read all files
>
> > without attaining root or file ownership privileges.