[17485] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[ Hackerslab bug_paper ] HP-UX crontab temporary file symbolic li

daemon@ATHENA.MIT.EDU (perrycnd@WELLSFARGO.COM)
Sat Nov 4 02:04:11 2000

MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Message-ID:  <FF052F3A9DFDD211B05D0001FA7E19A10423964E@xcem-casfo-12.wellsfargo.com>
Date:         Fri, 3 Nov 2000 19:15:12 -0700
Reply-To: perrycnd@WELLSFARGO.COM
From: perrycnd@WELLSFARGO.COM
To: BUGTRAQ@SECURITYFOCUS.COM

Tested on HP10.20 - vulnerable
	Solaris 2.5.1 - not vulnerable
	Dec 4.0d - not vulnerable

perrycnd@wellsfargo.com



> File : /usr/bin/crontab
>
> SYSTEM : HP-UX
>
>            Tested in HP-UX 11.00
>
> INFO :
>
> There is a vulneribility in "crontab" which allows users to read all files

> without attaining root or file ownership privileges.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[17485] in bugtraq

[ Hackerslab bug_paper ] HP-UX crontab temporary file symbolic li

daemon@ATHENA.MIT.EDU (perrycnd@WELLSFARGO.COM)Sat Nov 4 02:04:11 2000

daemon@ATHENA.MIT.EDU (perrycnd@WELLSFARGO.COM)
Sat Nov 4 02:04:11 2000