|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
tiger vulnerability
Ellen L Mitchell (ellenm
NET.TAMU.EDU)
Tue, 20 Jul 1999 09:37:39 -0500
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Howard Kaye: "Re: Shared memory DoS's"
- Previous message: Jim Hebert: "Re: AMaViS virus scanner for Linux - root exploit"
-----BEGIN PGP SIGNED MESSAGE-----
A vulnerability in one of the scripts used by the unix security tool
Tiger has been discovered and a patch issued.
Tiger is a public domain package developed and maintained by Texas A&M
University, used for checking security problems on a Unix system. Due
to lack of checking, a local user can craft a command in such a way
that he may have the command executed with the privileges of the
process running Tiger (usually root).
While no known compromises have occurred due to this vulnerability,
it is recommended that the patch be applied if you run tiger.
Patches for tiger have been issued and are available at
ftp://net.tamu.edu/pub/security/TAMU/
Thanks to Michel Miqueu and Philippe Bourgeois of CERT-IST for
reporting the problem.
Ellen
- --
Ellen Mitchell
Network Group
Texas A&M University
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBN5SI2vjlKRxZFQKVAQGm2wQAqfJWT1nW5A3odbYWa+yvUYjRBkACBVac
hslPIEtX8xVTOgrsHVK5ugT3lD0jz6jQc2DVkIhp89dS4st/+GrFu6ikcg2PaN1x
a7YfqnpYxjRQuTEL9mVG67tyCvsxmOpzv/aTWwEd9AJofRbCUdWK1ruBe2P6Vd2s
B/BdszrqfbI=
=nyA0
-----END PGP SIGNATURE-----
- Next message: Howard Kaye: "Re: Shared memory DoS's"
- Previous message: Jim Hebert: "Re: AMaViS virus scanner for Linux - root exploit"
This archive was generated by hypermail 2.0b3 on Tue Jul 20 1999 - 03:43:15 CDT