Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: nfs_mount in AIX
From: proff () suburbia apana org au (Julian Assange)
Date: Thu, 27 Apr 1995 13:48:04 +1000 (EST)


Here's a little additional information.....  the nfs_mount routine does its
work through the vmount() system call, which is documented.  If this is a
security hole at all, then it's because it would let an attacker mount a
remote filesystem under his control onto a world-readable directory like
                                                   ^^^^^^^^
/tmp or /var/preserve, and thereby grab a copy of everything that was
written to that directory.  Anybody want to write a test program?

Shouldn't that be writeable?

-Proff



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault