[18033] in bugtraq
Re: [RHSA-2000:123-01] New ed packages available
daemon@ATHENA.MIT.EDU (Theo de Raadt)
Tue Dec 12 17:30:18 2000
Message-Id: <200012112019.eBBKJ1b24118@cvs.openbsd.org>
Date: Mon, 11 Dec 2000 13:19:01 -0700
Reply-To: Theo de Raadt <deraadt@CVS.OPENBSD.ORG>
From: Theo de Raadt <deraadt@CVS.OPENBSD.ORG>
X-To: bugzilla@REDHAT.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: Your message of "Mon, 11 Dec 2000 04:37:00 EST."
<200012110937.eBB9bou28101@porkchop.redhat.com>
> ---------------------------------------------------------------------
> Red Hat, Inc. Security Advisory
>
> Synopsis: New ed packages available
> Advisory ID: RHSA-2000:123-01
> Issue date: 2000-12-06
> Updated on: 2000-12-06
> Product: Red Hat Linux
> Keywords: ed mktemp mkstemp /tmp
> Cross references: N/A
> ---------------------------------------------------------------------
>
> 1. Topic:
>
> The ed editor used files in /tmp in an insecure fashion.
> It was possible for local users to exploit this vulnerability
> to modify files that they normally could not and gain elevated privilege.

It's amazing to see a $$$-endowed vendor fix this on the 12th of
December, in the year 2000, considering:

    revision 1.4
    date: 1996/06/25 00:26:02; author: deraadt; state: Exp; lines: +3 -4
    mkstemp

Almost four years. Wow.
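
The advisory's keywords (mktemp, mkstemp, /tmp) name a general class of bug: a temporary file name is chosen first and opened later. The C sketch below is an added example, not part of the message above and not ed's source; it shows why that pattern is unsafe and what mkstemp(3) changes. The scratch directory, file names and function names are constructed for the demonstration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Constructed scenario, confined to a private scratch directory: the
 * "guessable" temp name is already a symlink to another file before the
 * program opens it. Returns a bitmask, or -1 on setup failure:
 *   bit 0: plain O_CREAT|O_TRUNC followed the link and emptied the target
 *   bit 1: O_CREAT|O_EXCL refused the name with EEXIST (link not followed) */
int predictable_name_check(void) {
    char dir[] = "/tmp/tmpdemo-XXXXXX", target[64], name[64];
    struct stat st;
    int fd, result = 0;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(name, sizeof name, "%s/ed.1234", dir);   /* hypothetical name */
    fd = open(target, O_WRONLY | O_CREAT, 0600);
    if (fd < 0 || write(fd, "data", 4) != 4) return -1;
    close(fd);
    if (symlink(target, name) != 0) return -1;
    fd = open(name, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0 && errno == EEXIST) result |= 2;
    if (fd >= 0) close(fd);
    fd = open(name, O_WRONLY | O_CREAT | O_TRUNC, 0600);  /* name-then-open */
    if (fd >= 0) close(fd);
    if (stat(target, &st) == 0 && st.st_size == 0) result |= 1;
    unlink(name); unlink(target); rmdir(dir);
    return result;
}

/* mkstemp(3) picks the name and creates the file in one O_EXCL step.
 * Returns 1 if the file is new, regular, ours, and closed to group/other. */
int mkstemp_check(void) {
    char path[] = "/tmp/tmpdemo-XXXXXX";
    struct stat st;
    int fd = mkstemp(path), ok;
    if (fd < 0) return -1;
    ok = fstat(fd, &st) == 0 && S_ISREG(st.st_mode) && st.st_nlink == 1 &&
         st.st_uid == geteuid() && (st.st_mode & 077) == 0;
    close(fd); unlink(path);
    return ok;
}

int main(void) {
    printf("predictable name: %d, mkstemp: %d\n",
           predictable_name_check(), mkstemp_check());
    return 0;
}
```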