
Linuxconf as shipped with Red Hat 5.1 contains a /tmp bug: it creates a file in /tmp and follows a symlink already present at that name.

[ http://www.rootshell.com/ ]

Date:         Sat, 22 Aug 1998 20:35:42 -0500
From:         Alex Mottram <alex@NET-CONNECT.NET>
Subject:      Security concerns in linuxconf shipped w/RedHat 5.1

There exists a security / DOS problem with linuxconf-1.11.r11-rh3/i386 as
upgraded from RedHat's FTP site.  No other versions have been tested by me. 
Both the maintainer of linuxconf and RedHat Software were made aware of this

[root@machine SRPMS]# rpm -q linuxconf

The details of the problem are neither new nor exciting so a very brief
description follows:

linuxconf creates at least one file in /tmp during/at execution, and
will blindly follow a symlink from that file.  As linuxconf is an admin
tool, and can/should only be run as root, the possibilities of system
smashing are multiple.

A version of linuxconf that does not have this problem is available at:

Thanks to Jacques Gelinas (linuxconf maintainer)  for releasing a fixed
version quickly.
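
The class of bug described in the message above, shown as an added example that is not part of the original post and is not linuxconf's code: a scratch file opened at a fixed name with O_CREAT|O_TRUNC follows a symlink already present there, while O_CREAT|O_EXCL refuses it. The function names, file names and the private sandbox directory are all constructed for illustration.

```c
#define _GNU_SOURCE            /* for mkdtemp() and O_NOFOLLOW under strict -std modes */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak pattern: fixed name, and O_CREAT|O_TRUNC follows a symlink already sitting there. */
int open_scratch_unsafe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened: O_EXCL refuses any pre-existing entry, symlinks included (EEXIST). */
int open_scratch_safe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Constructed scenario in a private directory: a 10-byte "protected" file and a
 * symlink to it planted at the scratch name. Returns the protected file's size
 * after the chosen open (-1 on setup failure); *open_errno gets the open() result. */
long run_case(int use_safe, int *open_errno) {
    char dir[] = "/tmp/symlink-demo-XXXXXX", target[64], scratch[64];
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/protected", dir);
    snprintf(scratch, sizeof scratch, "%s/scratch.tmp", dir);
    FILE *f = fopen(target, "w");
    if (!f) return -1;
    fputs("important\n", f);
    fclose(f);
    if (symlink(target, scratch) != 0) return -1;
    int fd = use_safe ? open_scratch_safe(scratch) : open_scratch_unsafe(scratch);
    *open_errno = fd < 0 ? errno : 0;
    if (fd >= 0) close(fd);
    long size = stat(target, &st) == 0 ? (long)st.st_size : -1;
    unlink(scratch); unlink(target); rmdir(dir);
    return size;
}

int main(void) {
    int e;
    long n = run_case(0, &e);
    printf("unsafe: protected file is now %ld bytes (errno %d)\n", n, e);
    n = run_case(1, &e);
    printf("safe:   protected file is still %ld bytes (errno %d, EEXIST=%d)\n", n, e, EEXIST);
    return 0;
}
```

For real scratch files, mkstemp() is the usual choice: it picks an unpredictable name and creates the file exclusively, so a pre-planted entry cannot be reused.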
