Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1997_3

Bugtraq archives for 3rd quarter (Jul-Sep) 1997: Pine's re-occuring nightmare (fwd)

Pine's re-occuring nightmare (fwd)

jerichoDIMENSIONAL.COM
Mon, 1 Sep 1997 05:12:40 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jake Luck: "Re: Mac TCP/IP Stack glitch."
Previous message: jerichoDIMENSIONAL.COM: "Pine's re-occuring nightmare"

I guess I should have researched this a bit more. On top of 3.96 being
vulnerable, I have found a system with 3.95 that exhibits the same
behaviour. In that case, every version of Pine from 3.91 to 3.96 seems to
be vulnerable to this problem.

Perhaps a script that kills all user logins, and then runs PINE would do
the trick? :)

---------- Forwarded message ----------
Date: Mon, 1 Sep 1997 04:53:58 -0600 (MDT)
From: jerichodimensional.com
To: Bugtraq <BUGTRAQNETSPACE.ORG>
Cc: pine-bugscac.washington.edu
Subject: Pine's re-occuring nightmare


(sorry if this has been posted.. i haven't seen anything about it yet)
(If memory serves, Sean  Litterbox was the first to write up a problem
 report and post it here.. his original 'advisory' covers this problem.
 just sub in the new version number. :)

As we all know from past posts, Pine 3.91 - 3.94 had a problem where it
threw down a temporary file in /tmp that was based off its PID. The file
was mode 666 creating a symlink problem. 3.95 came out and fixed this
problem.

3.96 has the same thing. I have 3.96 running on a Linux (Slack 3.3) box,
and have verified it on a Sun 4.1.4 box as well. In both cases, the
temporary files were PID based, and mode 666 like before.

Guess this means every odd release will be more secure? :)

- Damien

Next message: Jake Luck: "Re: Mac TCP/IP Stack glitch."
Previous message: jerichoDIMENSIONAL.COM: "Pine's re-occuring nightmare"