-----BEGIN PGP SIGNED MESSAGE----- A vulnerability in one of the scripts used by the unix security tool Tiger has been discovered and a patch issued. Tiger is a public domain package developed and maintained by Texas A&M University, used for checking security problems on a Unix system. Due to lack of checking, a local user can craft a command in such a way that he may have the command executed with the privileges of the process running Tiger (usually root). While no known compromises have occurred due to this vulnerability, it is recommended that the patch be applied if you run tiger. Patches for tiger have been issued and are available at ftp://net.tamu.edu/pub/security/TAMU/ Thanks to Michel Miqueu and Philippe Bourgeois of CERT-IST for reporting the problem. Ellen - -- Ellen Mitchell Network Group Texas A&M University -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBN5SI2vjlKRxZFQKVAQGm2wQAqfJWT1nW5A3odbYWa+yvUYjRBkACBVac hslPIEtX8xVTOgrsHVK5ugT3lD0jz6jQc2DVkIhp89dS4st/+GrFu6ikcg2PaN1x a7YfqnpYxjRQuTEL9mVG67tyCvsxmOpzv/aTWwEd9AJofRbCUdWK1ruBe2P6Vd2s B/BdszrqfbI= =nyA0 -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:52:47 PDT