[16345] in bugtraq
Re: Multiple Local Vulnerabilities in Helix Gnome Installer
daemon@ATHENA.MIT.EDU (Olaf Kirch)
Tue Aug 22 13:54:16 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID: <20000822104235.B10964@monad.swb.de>
Date: Tue, 22 Aug 2000 10:42:35 +0200
Reply-To: Olaf Kirch <okir@CALDERA.DE>
From: Olaf Kirch <okir@CALDERA.DE>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <E13QAYl-0007il-00@the-village.bc.nu>; from
alan@LXORGUK.UKUU.ORG.UK on Sat, Aug 19, 2000 at 04:29:16PM +0100
On Sat, Aug 19, 2000 at 04:29:16PM +0100, Alan Cox wrote:
> 1. Several of the gdmify functions are vulnerable to attack because
> they use system and /tmp in unsafe manners
>
> > SuSE and Caldera
[snip]
Just to make sure there's no confusion about this issue; Caldera
doesn't ship any Helix code with its products. This issue will
only affect you if you have downloaded the installer from the
Helix FTP site.
Olaf Kirch
--
Olaf Kirch | --- o --- Nous sommes du soleil we love when we play
okir@monad.swb.de | / | \ sol.dhoop.naytheet.ah kin.ir.samse.qurax
okir@caldera.de +-------------------- Why Not?! -----------------------
UNIX, n.: Spanish manufacturer of fire extinguishers.
