Bugtraq mailing list archives
Re: [SuSE 9.0] possible symlink attacks in some scripts
From: Thomas Biege <thomas () suse de>
Date: Thu, 22 Jan 2004 09:08:07 +0100 (CET)
greetings,
Hello.
i have done a litte reseach on a SuSE linux 9.0 box for possible symlink attacks. i have checked nearly every script i could found on the system. i havent found much and nothing very special.
Good.
i dont have a clue if the following scripts are somewhere on the system executed but maybe someone useses them in a script or something like that.
We will fix the bugs you found, but it's always nicer to contact us before you go public with bug-reports. Just write an eMail to security () suse de and you will get an answer after a few hours or less. Bye, Thomas -- Thomas Biege <thomas () suse de>, SUSE LINUX AG, Security Support & Auditing -- # If you have the "driftnet" program installed, webcollage can display a # collage of images sniffed off your local ethernet, instead of pulled out # of search engines: in that way, your screensaver can display the images # that your co-workers are downloading! -- xscreensaver source-code
Current thread:
- [SuSE 9.0] possible symlink attacks in some scripts Rene (Jan 20)
- <Possible follow-ups>
- Re: [SuSE 9.0] possible symlink attacks in some scripts Thomas Biege (Jan 22)