Bugtraq mailing list archives
Possible symlink problems with Netscape 4.73
From: foo () BLACKLISTED INTRANOVA NET (foo)
Date: Wed, 10 May 2000 16:31:16 -0400
It appears that Netscape 4.73 (and earlier versions) incorrectly creates
a temporary file in '/tmp' when importing certificates:
...
open("/tmp/tmp3919AA5000A07DC", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 25
fchmod(25, 0600) = 0
fstat(25, {st_mode=0,st_size=0, ...}) = 0
...
Netscape doesn't try to stat()/lstat() the file beforehand, although it
wouldn't help much since open() uses O_TRUNC without O_EXCL (which is the
problem in itself).
I sent a small note about this to Netscape a number of months ago and have
not received a reply. (am I possibly missing something here?, *shrug*)
Not a big bug, but a bug nonetheless =)
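
The difference between the open() flags in the trace above and a create-exclusive open, as an added example (not part of the original post and not Netscape's code). The function names, the scratch directory and the file names "target" and "tmpdemo" are hypothetical and constructed for the demonstration.

```c
#define _XOPEN_SOURCE 700 /* expose mkdtemp() and symlink() */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Flags from the trace: an existing name, symlinks included, is followed and truncated. */
int open_tmp_unsafe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0666);
}

/* O_CREAT|O_EXCL fails with EEXIST if the name exists, even as a symlink;
   mode 0600 at creation also removes the need for the later fchmod(). */
int open_tmp_safe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* Constructed scenario in a private scratch directory: the temp name already
   exists as a symlink to a 6-byte file. Returns that file's size after the
   open attempt (or -1 on setup failure) and the open's errno via open_errno. */
long target_size_after_open(int use_safe, int *open_errno) {
    char dir[] = "/tmp/symdemo.XXXXXX", target[64], tmpname[64];
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(tmpname, sizeof tmpname, "%s/tmpdemo", dir);
    int t = open(target, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (t < 0 || write(t, "secret", 6) != 6 || symlink(target, tmpname) != 0) return -1;
    close(t);
    errno = 0;
    int fd = use_safe ? open_tmp_safe(tmpname) : open_tmp_unsafe(tmpname);
    *open_errno = fd < 0 ? errno : 0;
    if (fd >= 0) close(fd);
    long size = stat(target, &st) == 0 ? (long)st.st_size : -1;
    unlink(tmpname); unlink(target); rmdir(dir);
    return size;
}

int main(void) {
    int e;
    long s = target_size_after_open(0, &e);
    printf("O_CREAT|O_TRUNC: target size %ld, errno %d\n", s, e);
    s = target_size_after_open(1, &e);
    printf("O_CREAT|O_EXCL:  target size %ld, errno %d\n", s, e);
    return 0;
}
```

In application code, mkstemp() gives the same create-exclusive behaviour with mode 0600 and an unpredictable name, so the name cannot be prepared in advance.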
