Bugtraq mailing list archives
Re: smbd remote file creation vulnerability
From: Jarno Huuskonen <Jarno.Huuskonen () uku fi>
Date: Tue, 26 Jun 2001 09:53:29 +0300
On Mon, Jun 25, Pavol Luptak wrote:
Linux kernels with openwall patch (with restricted links in /tmp) are imunne to this type of attack (following symlinks does not work, link owner does not match with file's owner).
The symlink restrictions work only in /tmp (mode 1777) directories, so making the symlink in your own homedir still works (should work). -Jarno -- Jarno Huuskonen <Jarno.Huuskonen () removeme uku fi>
Current thread:
- smbd remote file creation vulnerability Michal Zalewski (Jun 24)
- Re: smbd remote file creation vulnerability maniac (Jun 25)
- Re: smbd remote file creation vulnerability Pavol Luptak (Jun 25)
- Re: smbd remote file creation vulnerability Jarno Huuskonen (Jun 26)
- Re: smbd remote file creation vulnerability Pavol Luptak (Jun 26)
- Re: smbd remote file creation vulnerability Simple Nomad (Jun 27)
- Re: smbd remote file creation vulnerability Olaf Kirch (Jun 28)
- Re: smbd remote file creation vulnerability Simple Nomad (Jun 28)
- Re: smbd remote file creation vulnerability Pavol Luptak (Jun 25)
- Re: smbd remote file creation vulnerability maniac (Jun 25)
- Re: smbd remote file creation vulnerability Tomek Lipski (Jun 26)
- Re: smbd remote file creation vulnerability Wichert Akkerman (Jun 27)
- Re: smbd remote file creation vulnerability Michal Zalewski (Jun 28)
- Re: smbd remote file creation vulnerability Steve Beattie (Jun 28)
- Re: smbd remote file creation vulnerability Phil Stracchino (Jun 28)
- Re: smbd remote file creation vulnerability Joachim Blaabjerg (Jun 27)