|
Known Affected Systems: Linux 1.2.8 using NCSA HTTPd 1.5a Description: The InterNetwork Operating Company has discovered a security hole related to Linux 1.2.8 and NCSA HTTPd 1.5a. In affected systems, the NCSA server, running as nobody/nogroup is able to access any files that are mode ?00 (readable only by owner). The security hole is known to occur through symbolic links as well as through aliases specified in the srm.conf file. It is known that through properly placed symbolic links, it is possible to obtain the shadow password file, user mail files, etc. This is extermely important for public Internet Service Providers that provide users with WWW space. This same security hole has been tested on BSDI 2.0.1, which does not appear to be affected. It has not yet been tested on other systems or with other http servers. jnelson@internoc.com John Nelson The InterNetwork Operating Company, Inc.