Bugtraq mailing list archives
Re: smbd remote file creation vulnerability
From: Steve Beattie <steve () wirex net>
Date: Wed, 27 Jun 2001 17:10:03 -0700
On Wed, Jun 27, 2001 at 12:42:52AM +0200, Wichert Akkerman wrote:
Previously Pavol Luptak wrote:Linux kernels with openwall patch (with restricted links in /tmp) are imunne to this type of attack (following symlinks does not work, link owner does not match with file's owner).If symlink don't work you can still use a hardlink though.
Note that the same option in the OpenWall patch also prevents the creation of hardlinks to files that you don't own. -- Steve Beattie Don't trust programmers? <steve () wirex net> Complete StackGuard distro at http://immunix.org/~steve/ immunix.org
Current thread:
- Re: smbd remote file creation vulnerability, (continued)
- Re: smbd remote file creation vulnerability maniac (Jun 25)
- Re: smbd remote file creation vulnerability Pavol Luptak (Jun 25)
- Re: smbd remote file creation vulnerability Jarno Huuskonen (Jun 26)
- Re: smbd remote file creation vulnerability Pavol Luptak (Jun 26)
- Re: smbd remote file creation vulnerability Simple Nomad (Jun 27)
- Re: smbd remote file creation vulnerability Olaf Kirch (Jun 28)
- Re: smbd remote file creation vulnerability Simple Nomad (Jun 28)
- Re: smbd remote file creation vulnerability Pavol Luptak (Jun 25)
- Re: smbd remote file creation vulnerability maniac (Jun 25)
- Re: smbd remote file creation vulnerability Tomek Lipski (Jun 26)
- Re: smbd remote file creation vulnerability Wichert Akkerman (Jun 27)
- Re: smbd remote file creation vulnerability Michal Zalewski (Jun 28)
- Re: smbd remote file creation vulnerability Steve Beattie (Jun 28)
- Re: smbd remote file creation vulnerability Phil Stracchino (Jun 28)
- Re: smbd remote file creation vulnerability Joachim Blaabjerg (Jun 27)
- Re: smbd remote file creation vulnerability Michal Zalewski (Jun 28)
- Re: smbd remote file creation vulnerability sarnold (Jun 28)
- Re: smbd remote file creation vulnerability Joseph Nicholas Yarbrough (Jun 26)