Bugtraq mailing list archives
Re: hole in sudo for MP-RAS.
From: Todd.Miller () COURTESAN COM (Todd C. Miller)
Date: Tue, 13 Jan 1998 08:41:26 -0700
Actually, that line should just be: if (strchr(cmnd, '/') == NULL) This is fixed in version 1.5.4, available from: ftp://ftp.cs.colorado.edu/pub/sysadmin/sudo/cu-sudo.v1.5.4.tar.Z ftp://ftp.courtesan.com/pub/sudo/cu-sudo.v1.5.4.tar.Z (very slow link) - todd
Current thread:
- bug in Solaris 2.6 security logging, (continued)
- bug in Solaris 2.6 security logging Ruth Milner [VLA] (Jan 12)
- Buffer overflows in Deliver: get 2.1.13 Chip Salzenberg (Jan 12)
- [SIGNED] Buffer overflows in Deliver: get 2.1.13 Chip Salzenberg (Jan 12)
- KSR[T] Advisory #6: deliver KSR[T] (Jan 12)
- Re: KSR[T] Advisory #6: deliver Chip Salzenberg (Jan 12)
- hole in sudo for MP-RAS. osiris () COURIER CB LUCENT COM (Jan 12)
- Re: hole in sudo for MP-RAS. Cy Schubert - ITSD Open Systems Group (Jan 12)
- Re: hole in sudo for MP-RAS. Todd C. Miller (Jan 12)
- Re: hole in sudo for MP-RAS. Cy Schubert - ITSD Open Systems Group (Jan 12)
- Re: hole in sudo for MP-RAS. Todd C. Miller (Jan 12)
- Re: hole in sudo for MP-RAS. Todd C. Miller (Jan 13)
- Re: hole in sudo for MP-RAS. dsiebert () ICAEN UIOWA EDU (Jan 12)
- Re: hole in sudo for MP-RAS. Todd C. Miller (Jan 12)
- CPSN 9:971208: Solaris /var Permission Problems CPIO Advisory Role Account (Jan 12)