Re: klprfax_filter symlink vulnerability

[George Staikos <staikos () 0wned org>]

On Friday 14 December 2001 01:14, wang yuan wrote:
> hi,all !
> i'm sorry if this bug has been reported.
> klprfax_filter (kdeutils-2.2-2),is an application to make
> a printer that acts as a fax.
> when using klprfax_filter,it would creat a temp
> file,/tmp/klprfax.filter,but the  temporary file was not
> created safely,this vulnerability could be exploited to
> overwrite arbitrary files!
> just tested on redhat 7.1.

   This was announced by the KDE team on Nov 9.  The solution is to remove 
the suid bit from efax.  It seems to only need it for accessing the lock 
files and the modem.

-- 

George Staikos