Compaq Tru64 patches for CERT VU#10277

From: Roberts Ross (Ross.Robertsat_private)
Date: Wed Jan 30 2002 - 08:27:26 PST

Next message: Jason Johns - SAS(IT): "DoS bug on Tru64"

Previous message: hans.somersat_private: "Long path exploit on NTFS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Compaq apparently released patches for the above mentioned vulnerability
(and possibly some others) in the last day or two. I saw no mention of this
so I thought I would throw it out.

From the CERT info on the vulnerability:

Vulnerability Note VU#10277
Various shells create temporary files insecurely when using << operator
Overview
sh uses /tmp files of a predictable name in creating files for input
redirection using the << operator. 

http://www.tru64unix.compaq.com/unix/security-download.html for the
patch/security information;
http://ftp.support.compaq.com/patches/.new/unix.shtml for the actual
patches.


--
-Ross Roberts
 Unix/Network Administrator
 Alcatel Telecommunications Cable

Next message: Jason Johns - SAS(IT): "DoS bug on Tru64"
Previous message: hans.somersat_private: "Long path exploit on NTFS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Jan 30 2002 - 08:57:38 PST