Bugtraq mailing list archives
DU V4.0 security hole (fwd)
From: jmcdonal () OSPREY UNF EDU (John McDonald)
Date: Mon, 17 Nov 1997 11:24:10 -0500
---------- Forwarded message ---------- Date: Mon, 17 Nov 1997 14:11:52 +0000 From: John McNulty <jm () uvo dec com> To: jmcdonal () unf edu Cc: moorem () bucks edu Subject: DU V4.0 security hole Folks, Someone forwarded me your mails to Bugtrack on this security problem. What I can tell you is that this "SUID program dumping core and following sym-links" problem is known about and a fix has been already written and well tested. This fix has already been submitted to the BL8 patch kit sources pools for the various V4.0* versions, and is due for public release quite soon. You can get the BL8 patch kit(s) for your version(s) either from the web (the usual place) or from your local CSC. Cheers, John -------------------------------------------------------- John McNulty | Email: jm () uvo dec com UK CSC, Unix Support Group | Tel: (44) 1256 373862 Digital Equipment Corporation | DTN: 833-3862
Current thread:
- DU V4.0 security hole (fwd) John McDonald (Nov 17)