Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1998_3

Bugtraq archives for 3rd quarter (Jul-Sep) 1998: AfterStep asfsm tmp hole

AfterStep asfsm tmp hole

Kristofer Coward (krisSNOW.UTORONTO.CA)
Tue, 25 Aug 1998 01:06:51 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Kristofer Coward: "Re: AfterStep asfsm tmp hole"
Previous message: Marc Slemko: "Solaris ab2 web server is junk"

The disk usage monitor that comes with AfterStep (asfsm) overwrites
/usr/tmp/statfs regularly as whoever launched it, allowing the typical
symlink crap we've come to expect, including a possible DoS if run as
root.

Kris Coward
krissnow.utoronto.ca

Next message: Kristofer Coward: "Re: AfterStep asfsm tmp hole"
Previous message: Marc Slemko: "Solaris ab2 web server is junk"