Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

tiger vulnerability

From: ellenm () NET TAMU EDU (Ellen L Mitchell)
Date: Tue, 20 Jul 1999 09:37:39 -0500

-----BEGIN PGP SIGNED MESSAGE-----

A vulnerability in one of the scripts used by the unix security tool
Tiger has been discovered and a patch issued.

Tiger is a public domain package developed and maintained by Texas A&M
University, used for checking security problems on a Unix system.  Due
to lack of checking, a local user can craft a command in such a way
that he may have the command executed with the privileges of the
process running Tiger (usually root).

While no known compromises have occurred due to this vulnerability,
it is recommended that the patch be applied if you run tiger.

Patches for tiger have been issued and are available at
ftp://net.tamu.edu/pub/security/TAMU/

Thanks to Michel Miqueu and Philippe Bourgeois of CERT-IST for
reporting the problem.

Ellen
- --
Ellen Mitchell
Network Group
Texas A&M University

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBN5SI2vjlKRxZFQKVAQGm2wQAqfJWT1nW5A3odbYWa+yvUYjRBkACBVac
hslPIEtX8xVTOgrsHVK5ugT3lD0jz6jQc2DVkIhp89dS4st/+GrFu6ikcg2PaN1x
a7YfqnpYxjRQuTEL9mVG67tyCvsxmOpzv/aTWwEd9AJofRbCUdWK1ruBe2P6Vd2s
B/BdszrqfbI=
=nyA0
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: