Hi, there is a symlink problem in the popauth utility, which is part of the qpoper package. The binary is often istalled suid pop and follows symlinks in the -trace file option. This problem has been reported to vendors in June 2001. Impact: in case of suid popauth and valid shell for user pop, the attached script will create suid-pop shell, if someone su to pop. This may happen as a part of some automated check script (startup script). This vulnerability is not very crucial, however it should be reported at least once. /ih
This archive was generated by hypermail 2b30 : Mon Dec 17 2001 - 19:30:34 PST