Bugtraq mailing list archives
Re: [ Hackerslab bug_paper ] HP-UX crontab temporary file symbolic li nk
From: Ann Cantelow <cantelow () ATLAS CSD NET>
Date: Sat, 4 Nov 2000 11:26:58 -0700
We found Dec/Compaq unpatched 4.0d vulnerable, but it was pointed out to us that 4.0d with recommended patches is not vulnerable. 4.0g is not vulnerable in our test, and we've been told 4.0f is not vulnerable. Ann Cantelow On Fri, 3 Nov 2000 perrycnd () WELLSFARGO COM wrote:
Tested on HP10.20 - vulnerable Solaris 2.5.1 - not vulnerable Dec 4.0d - not vulnerable perrycnd () wellsfargo comFile : /usr/bin/crontab SYSTEM : HP-UX Tested in HP-UX 11.00 INFO : There is a vulneribility in "crontab" which allows users to read all fileswithout attaining root or file ownership privileges.
Current thread:
- [ Hackerslab bug_paper ] HP-UX crontab temporary file symbolic li nk perrycnd (Nov 04)
- Re: [ Hackerslab bug_paper ] HP-UX crontab temporary file symbolic li nk Ann Cantelow (Nov 06)