Re: smbd remote file creation vulnerability

From: Tomek Lipski (Tomek.Lipskiat_private)
Date: Mon Jun 25 2001 - 22:31:32 PDT

Next message: Joseph Nicholas Yarbrough: "Re: smbd remote file creation vulnerability"

Previous message: kanda samy: "Formmail.pl Exploit - Anti-Spam and security fix available"
In reply to: Pavol Luptak: "Re: smbd remote file creation vulnerability"
Next in thread: Jarno Huuskonen: "Re: smbd remote file creation vulnerability"
Next in thread: Fatal Connect: "Re: smbd remote file creation vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 25 Jun 2001, Pavol Luptak wrote:

> Linux kernels with openwall patch (with restricted links in /tmp) are
> imunne to this type of attack (following symlinks does not work, link
> owner does not match with file's owner).
I dont know how openwall patch works but symlinks can be put anywhere ( ~/
for example..) to make this exploit work... [this is just a theory. havent
tested that ;)]

--
Tomek Lipski
email: [ Tomek.Lipskiat_private ] gsm: [ +48 606 787 423 ]
Eclipse ISP http://www.ecl.pl/
Czestochowa Al. NMP 31 tel. 034 3665011

Next message: Joseph Nicholas Yarbrough: "Re: smbd remote file creation vulnerability"
Previous message: kanda samy: "Formmail.pl Exploit - Anti-Spam and security fix available"
In reply to: Pavol Luptak: "Re: smbd remote file creation vulnerability"
Next in thread: Jarno Huuskonen: "Re: smbd remote file creation vulnerability"
Next in thread: Fatal Connect: "Re: smbd remote file creation vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jun 26 2001 - 12:40:48 PDT