[23500] in bugtraq


klprfax_filter symlink vulnerability

daemon@ATHENA.MIT.EDU (wang yuan)
Fri Dec 14 12:37:55 2001

Date: 14 Dec 2001 06:14:54 -0000
Message-ID: <20011214061454.23117.qmail@mail.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: wang yuan <r0gue@21cn.com>
To: bugtraq@securityfocus.com



Hi all!
I'm sorry if this bug has been reported.
klprfax_filter (kdeutils-2.2-2) is an application to make
a printer that acts as a fax.
When using klprfax_filter, it would create a temp
file, /tmp/klprfax.filter, but the temporary file was not
created safely. This vulnerability could be exploited to
overwrite arbitrary files!
Just tested on Red Hat 7.1.

Cheers
r0gue
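
The failure mode reported above, next to the usual fix, as an added example that is not part of the original post and is not klprfax_filter's own code. The function names and the sandbox layout are hypothetical, and everything happens inside a private directory created by the script.

```shell
#!/bin/sh
# Added example: fixed-name temp file vs. mktemp, inside a private sandbox.
# The filter's real source is not on the page; both functions are hypothetical.

# Pattern described in the post: predictable name, plain redirection.
# If the name is already a symlink, open() follows it and truncates the target.
spool_fixed() {
    cat > "$1/klprfax.filter"
}

# Hardened form: mktemp picks an unpredictable name and creates the file
# itself (exclusive create, mode 0600), so a pre-existing link at a
# guessable name is never opened.
spool_mktemp() {
    tmp=$(mktemp "$1/klprfax.XXXXXX") || return 1
    cat > "$tmp"
    printf '%s\n' "$tmp"
}

# Constructed scenario: the fixed name already exists as a symlink to a file
# the filter's user can write. Spools one job with the function named in $1
# and prints what that linked-to file contains afterwards.
run_case() {
    box=$(mktemp -d) || return 1
    printf 'original\n' > "$box/owned_file"
    mkdir "$box/tmp"
    ln -s "$box/owned_file" "$box/tmp/klprfax.filter"
    printf 'fax job data\n' | "$1" "$box/tmp" > /dev/null
    cat "$box/owned_file"
    rm -rf "$box"
}

echo "fixed name : $(run_case spool_fixed)"    # linked-to file was overwritten
echo "mktemp     : $(run_case spool_mktemp)"   # linked-to file is untouched
```

On current Linux kernels the `fs.protected_symlinks` sysctl also blocks following another user's symlink in a sticky world-writable directory such as /tmp, but that is a backstop; the filter should still create its file with `mktemp`.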

