TUCoPS :: Linux :: SUSE :: hack0947.htm

SuSE 9.0 possible symlink attacks in some scripts
[SuSE 9.0] possible symlink attacks in some scripts 



Product: some scripts shipped with suse 9.0 

Date: 20.01.2004 

Author: l0om  

 

greetings, 

i have done a litte reseach on a SuSE linux 9.0 box 

for possible symlink attacks. i have checked nearly 

every script i could found on the system. i havent 

found much and nothing very special.i dont have a 

clue if the following scripts are somewhere on the 

system executed but maybe someone useses them in a 

script or something like that. 

 

 

** 

/usr/X11R6/bin/fvwm-bug 

[...] 

TEMP=/tmp/fvwm-bug.$$ 

[...] 

cat > $TEMP < /tmp/xf86debug.1.log 

echo "Debugger output written to /tmp/

xf86debug.1.log." #thx for that info 

[...] 

 

** 

/opt/kde3/bin/winpopup-send.sh 

echo "$2" > /tmp/.winpopup-new 

echo `date +"%a %l:%m %p"` >> /tmp/.winpopup-new 

cat "$1" | tr "\000" "\012" >> /tmp/.winpopup-new 

mv -f /tmp/.winpopup-new /tmp/.winpopup 

 

** 

/sbin/lvmcreate_initrd 

[...] 

DEVRAM=/tmp/initrd.$$ 

[...] 

verbose "using $DEVRAM as a temporary loopback file" 

#thx for that info 

dd if=/dev/zero of=$DEVRAM count=$INITRDSIZE bs=1024 

> /dev/null 2>&1 

[...] 

 

**********  greets @ proxy, takt, maximilian, sirius, 

dna, fe2k, xnet, zexl 

		     	   rest of excluded.org 

		     nofx, rancid, bad religion, less 

than jake ... 

			www.excluded.org  --l0om 

		     		have Phun!

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH