Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: smbd remote file creation vulnerability
From: Tomek Lipski <Tomek.Lipski () ecl pl>
Date: Tue, 26 Jun 2001 07:31:32 +0200 (CEST)

On Mon, 25 Jun 2001, Pavol Luptak wrote:

Linux kernels with openwall patch (with restricted links in /tmp) are
imunne to this type of attack (following symlinks does not work, link
owner does not match with file's owner).
I dont know how openwall patch works but symlinks can be put anywhere ( ~/
for example..) to make this exploit work... [this is just a theory. havent
tested that ;)]

--
Tomek Lipski
email: [ Tomek.Lipski () ecl pl ] gsm: [ +48 606 787 423 ]
Eclipse ISP http://www.ecl.pl/
Czestochowa Al. NMP 31 tel. 034 3665011


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]