[2982] in bugtraq
vulnerability in vi under AIX 3.2
daemon@ATHENA.MIT.EDU (Marina Buitrago Bravo)
Tue Jul 23 13:06:54 1996
Date: Tue, 23 Jul 1996 09:53:49 +0000
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: Marina Buitrago Bravo <buitrago@cica.es>
X-To: BUGTRAQ@crimelab.com
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
Hello all. I have found out that under AIX 3.2 the vi editor interprets
the file ./.exrc, even if you are root and this file is not owned by you.
This vulnerability seems rather obvious to me, do you know if a patch
exists for this?
SunOS 4.1.3 has a similar feature, but the file is interpreted only if
root owns the file ./.exrc.
Thanks in advance,
Marina.
--
--------------------------------------------------------------------
Marina Buitrago Bravo (buitrago@cica.es)
Centro Informatico Cientifico de Andalucia (CICA) - Area de Sistemas
Avda. Reina Mercedes s/n Tfno: 34 5 4623811
41012 Sevilla Fax: 34 5 4624506
--------------------------------------------------------------------
