Filesystem DoS on SCO Openserver 5

From: Tim Kutergin (timat_private)
Date: Mon Sep 21 1998 - 03:56:32 PDT

Next message: Chuck Byam: "Security alert - CGI exploit in Xitami for OS/2"

Previous message: Wolfram Schneider: "Re: Locate overflow / Promiscuous mode / Posting tips"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

                Hi All !

        It seems that I have been hit by bug in HTFS filesystem on SCO
Openserver 5. The problem is that You could do unlink("..") and this
operation will be successful (if You have permissions) corrupting
filesystem. I have discovered this anomaly when investigating constant
system crashes when users were deleting mailboxes in Cyrus imap server
1.5.2  There was bad code in imapd that was trying to delete ".." when
removing mailbox (newer versions of imapd are fixed). So usual user may
severely damage filesystem by doing unlink("..") in subdirectories, where
hi has permissions to do this. I had reported this bug to SCO, but they
replied that I have problems with hardware.

Sorry for bad English
Timofey

Next message: Chuck Byam: "Security alert - CGI exploit in Xitami for OS/2"
Previous message: Wolfram Schneider: "Re: Locate overflow / Promiscuous mode / Posting tips"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:17:14 PDT