Re: Another local root vulnerability during installation of Tarantella Enterprise 3.

From: Larry W. Cashdollar (lwcat_private)
Date: Tue Feb 19 2002 - 09:05:39 PST

Next message: 'ken'@FTU: "Dino's Webserver v1.2 DoS, possible overflow"

Previous message: David F. Skoll: "Re: Non existing attachments, more info"
In reply to: Larry W. Cashdollar: "Another local root vulnerability during installation of Tarantella Enterprise 3."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Recommendations:
> I again recommend the target system is running in single user mode before this
> software is installed.
>

I forgot to mention, you might want to make sure /tmp is clear of
malicious symlinks after you boot to run level 1 and before you install
the Tarantella.

-- Larry C$

Next message: 'ken'@FTU: "Dino's Webserver v1.2 DoS, possible overflow"
Previous message: David F. Skoll: "Re: Non existing attachments, more info"
In reply to: Larry W. Cashdollar: "Another local root vulnerability during installation of Tarantella Enterprise 3."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Feb 19 2002 - 15:32:24 PST