[20851] in bugtraq


Re: SSH allows deletion of other users files...

daemon@ATHENA.MIT.EDU (Jason DiCioccio)
Mon Jun 4 16:48:16 2001

Message-ID: <3B1BB27A.1020104@bsd.st>
Date: Mon, 04 Jun 2001 09:08:26 -0700
From: Jason DiCioccio <geniusj@bsd.st>
MIME-Version: 1.0
To: zen-parse@gmx.net
Cc: bugtraq@securityfocus.com
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

zen-parse@gmx.net wrote:

>SSH allows deletion of other users files.
>=========================================
>
>You can delete any file on the filesystem you want...
>
>as long as it's called cookies.
>
Is this for OpenSSH, or SSH 1.2.x or?  Just kind of curious what 
version(s) of SSH this was tested on.

Also: SSH Version OpenSSH_2.3.0 green@FreeBSD.org 20010321 -- That comes
with FreeBSD 4.3-STABLE is not vulnerable at first glance.  It does not
appear to use /tmp files as yours does and therefore is not vulnerable.

Cheers,
-JD-

-- 
Jason DiCioccio - geniusj@bsd.st - PGP Key @ http://bsd.st/~geniusj/pgpkey.asc



