Bugtraq mailing list archives
Re: smbd remote file creation vulnerability
From: Wichert Akkerman <wichert () wiggy net>
Date: Wed, 27 Jun 2001 00:42:52 +0200
Previously Pavol Luptak wrote:
Linux kernels with openwall patch (with restricted links in /tmp) are imunne to this type of attack (following symlinks does not work, link owner does not match with file's owner).
If symlink don't work you can still use a hardlink though. Wichert. -- _________________________________________________________________ / Nothing is fool-proof to a sufficiently talented fool \ | wichert () cistron nl http://www.liacs.nl/~wichert/ | | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
Current thread:
- smbd remote file creation vulnerability Michal Zalewski (Jun 24)
- Re: smbd remote file creation vulnerability maniac (Jun 25)
- Re: smbd remote file creation vulnerability Pavol Luptak (Jun 25)
- Re: smbd remote file creation vulnerability Jarno Huuskonen (Jun 26)
- Re: smbd remote file creation vulnerability Pavol Luptak (Jun 26)
- Re: smbd remote file creation vulnerability Simple Nomad (Jun 27)
- Re: smbd remote file creation vulnerability Olaf Kirch (Jun 28)
- Re: smbd remote file creation vulnerability Simple Nomad (Jun 28)
- Re: smbd remote file creation vulnerability Pavol Luptak (Jun 25)
- Re: smbd remote file creation vulnerability maniac (Jun 25)
- Re: smbd remote file creation vulnerability Tomek Lipski (Jun 26)
- Re: smbd remote file creation vulnerability Wichert Akkerman (Jun 27)
- Re: smbd remote file creation vulnerability Michal Zalewski (Jun 28)
- Re: smbd remote file creation vulnerability Steve Beattie (Jun 28)
- Re: smbd remote file creation vulnerability Phil Stracchino (Jun 28)
- Re: smbd remote file creation vulnerability Joachim Blaabjerg (Jun 27)
- Re: smbd remote file creation vulnerability Michal Zalewski (Jun 28)
- Re: smbd remote file creation vulnerability sarnold (Jun 28)
- Re: smbd remote file creation vulnerability Joseph Nicholas Yarbrough (Jun 26)