<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos network security services platform

Bugtraq: Re: [Full-Disclosure] Possible race condition in Symantec AntiVirus Scan Engine for Red Hat Linux during LiveUpdate

Re: [Full-Disclosure] Possible race condition in Symantec AntiVirus Scan Engine for Red Hat Linux during LiveUpdate

From: <Valdis.Kletnieks_at_vt.edu>
Date: Mon, 16 Feb 2004 11:21:39 -0500

On Mon, 16 Feb 2004 16:49:53 +0100, "Dr. Peter Bieringer" said:

> logfile=/tmp/LiveUpdate.log <---!!!!!!
>
> Impact:
> Before first run of LiveUpdate (like suggested in doc, user "symantec" does
> this) a possible race condition via a symlink attack by another user will
> result in the creation of a new file (as user "symantec") or appending
> LiveUpdate log to an existent file (owned by user "symantec").

For bonus points, figure out what happens if you reboot and your /etc/fstab has this:

none /tmp tmpfs mode=1777 0 0

The gift that keeps on giving. ;)

application/pgp-signature attachment: stored

Received on Feb 17 2004

This message: [ Message body ]
Next message: opticfiber: "Re: [work] Re: W2K source "leaked"?"
Previous message: Anthony Saffer: "Re: Misinformation in Security Advisories (ASN.1)"
In reply to: Dr. Peter Bieringer: "Possible race condition in Symantec AntiVirus Scan Engine for Red Hat Linux during LiveUpdate"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]