Linux Today: Linux News On Internet Time.









More on LinuxToday

Security Linux News for Dec 06, 2000

  • Conectiva Linux Security Announcement - bash (Dec 06, 2000, 21:13)
    "There is a vulnerability regarding the use of "<<" redirectors. If used, the shell creates a temporary file in /tmp with a predictable filename (the only variant is the PID). Additionally, it was not being opened exclusively."

  • Conectiva Linux Security Announcement - bash (Dec 06, 2000, 16:22)
    "There is a vulnerability regarding the use of "<<" redirectors. If used, the shell creates a temporary file in /tmp with a predictable filename (the only variant is the PID). Additionally, it was not being opened exclusively. This can be used by an attacker to overwrite arbitrary files in the system. At least one initialization script (rc.sysinit) uses "<<", and it is run as root at boot time."