Vulnerability: local exploit
Proton reported on bugtraq that tcsh did not handle in-here
documents correctly. The version of tcsh that is distributed with
Debian GNU/Linux 2.2r0 also suffered from this problem.
When using in-here documents using the << syntax tcsh uses
a temporary file to store the data. Unfortunately the temporary
file is not created securely and standard symlink attacks can be
used to make tcsh overwrite arbitrary files.
This has been fixed in version 6.09.00-10 and we recommend that
you upgrade your tcsh package immediately.
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 2.2 alias potato
Potato was released for the alpha, arm, i386, m68k, powerpc and
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.