[16688] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: tmpwatch: local DoS : fork()bomb as root

daemon@ATHENA.MIT.EDU (stanislav shalunov)
Mon Sep 11 02:12:46 2000

Message-Id:  <878zt1dqjv.fsf@cain.internet2.edu>
Date:         Sat, 9 Sep 2000 20:44:04 -0400
Reply-To: shalunov@INTERNET2.EDU
From: stanislav shalunov <shalunov@INTERNET2.EDU>
X-To:         zenith parsec <zenith_parsec@THE-ASTRONAUT.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <20000909105828.20274.qmail@fiver.freemessage.com>

zenith parsec <zenith_parsec@THE-ASTRONAUT.COM> writes:

>  Any user with write access to /tmp or /var/tmp can cause redhat 6.1 (and
> others runnng tmpwatch from cron) to stop responding, and possibly requre
> a hard reboot.

The is one of the kinds of vulnerabilities that stmpclean has been
designed to avoid.

ftp://ftp.mccme.ru/users/shalunov/stmpclean-0.1.tar.gz

--
Stanislav Shalunov						Internet2

"I didn't attend the funeral, but I sent a nice letter saying that I
approved of it."				-- Mark Twain


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[16688] in bugtraq

Re: tmpwatch: local DoS : fork()bomb as root

daemon@ATHENA.MIT.EDU (stanislav shalunov)Mon Sep 11 02:12:46 2000

daemon@ATHENA.MIT.EDU (stanislav shalunov)
Mon Sep 11 02:12:46 2000