Bugtraq: Re: aaa_base still vulnerable after upgrade

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: aaa_base still vulnerable after upgrade

From: vonbrand () SLEIPNIR VALPARAISO CL (Horst von Brand)
Date: Mon, 1 May 2000 10:57:48 -0400


Marc Heuse <marc () SUSE DE> said:

[...]

touch "/tmp/x /etc/rc.config"

btw have you ever tried out this command? It won't work. A filename is not
allowed to have a slash in it's name ...


True. But spaces are legal... this is file etc/rc.config inside directory
"x " inside /tmp

Note that Red Hat duistributes a binary called tmpwatch (written by them
and GPL) which safely deletes /tmp entries. Quite old, AFAIKT.

--
Horst von Brand                             vonbrand () sleipnir valparaiso cl
Casilla 9G, Viña del Mar, Chile                               +56 32 672616

By Date By Thread

Current thread:

Re: aaa_base still vulnerable after upgrade Valdis.Kletnieks () VT EDU (May 01)
- <Possible follow-ups>
- Re: aaa_base still vulnerable after upgrade Horst von Brand (May 01)