Bugtraq mailing list archives
Re: RedHat 5.2 lrzsz-0.12.14-5 have serious security hole
From: yuri () KILLER CRACKSOFT KIEV UA (Yuri Kuzmenko)
Date: Mon, 30 Nov 1998 22:16:21 +0200
lrz (Linux ZMODEM file receiver) from lrzsz package have a security hole with file permission. lrz create file with 0666 mode (world writable) File mode set to normal (specifed by other side) only after downloading. my umask is 022
Current thread:
- Re: RedHat 5.2 lrzsz-0.12.14-5 have serious security hole Yuri Kuzmenko (Nov 30)