[Am-info] RHMask Local File Overwrite Vulnerability
Fred A. Miller
fm@cupserv.org
Tue, 25 Jun 2002 16:41:48 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
RHMask Local File Overwrite Vulnerability
BugTraq ID: 4984
Remote: No
Date Published: Jun 11 2002 12:00A
Relevant URL:
http://www.securityfocus.com/bid/4984
Summary:
rhmask is a Red Hat Linux utility for distributing files as masks
against other files.
rhmask does not sufficiently validate the output filename supplied in
mask files. Attackers may potentially exploit this issue to create a
mask file which may cause other system files to be overwritten via
symlinks when the mask is applied. Under normal circumstances, the
user is prompted with the name of the target file. However, rhmask
does not check if the target filename is a symbolic link.
rhmask is not installed by default in recent versions of Red Hat Linux.
- -- 
Fred A. Miller
Systems Administrator
Cornell Univ. Press Services
fm@cupserv.org, www.cupserv.org
- --- SuSE Linux v8.0 Pro, Netscape 7.0---
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAj0Y1YwACgkQB9vk4ichYXd9TgCgkM/JdIZDsy96ea4WwQKQBSvd
OKkAniPVeJ9H5rVKVyVcJmjT/FNFjF2P
=rMby
-----END PGP SIGNATURE-----
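The check the advisory says is missing, as an added C example (not rhmask's code and not part of the original message): an output name read from an untrusted mask file is accepted only as a bare file name and is opened so that an existing symbolic link is never followed. The names open_mask_output and demo_symlink_refused, and the temporary directory under /tmp, are assumptions made for the illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper (not rhmask's code): open the output file whose name
 * was read from an untrusted mask file, relative to directory dirfd.
 * Returns a writable fd, or -1 with errno set. */
int open_mask_output(int dirfd, const char *name)
{
    /* The name is attacker-controlled data: accept a bare file name only. */
    if (!name || !*name || strchr(name, '/') ||
        !strcmp(name, ".") || !strcmp(name, "..")) {
        errno = EINVAL;
        return -1;
    }
    /* O_CREAT|O_EXCL fails if anything, including a symlink (dangling or
     * not), already exists at the name; O_NOFOLLOW states the intent. */
    return openat(dirfd, name, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Constructed scenario: "out" is a pre-planted symlink to "victim". Returns 1
 * if the symlink is refused, victim is untouched and a fresh name works. */
int demo_symlink_refused(void)
{
    char dir[] = "/tmp/maskdemoXXXXXX", buf[8] = {0};
    if (!mkdtemp(dir)) return -1;
    int d = open(dir, O_RDONLY | O_DIRECTORY);
    if (d < 0) return -1;
    int v = openat(d, "victim", O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (v < 0 || write(v, "keep", 4) != 4) return -1;
    close(v);
    if (symlinkat("victim", d, "out") != 0) return -1;

    int fd = open_mask_output(d, "out");           /* must be refused */
    int refused = (fd == -1);
    if (fd >= 0) close(fd);
    v = openat(d, "victim", O_RDONLY);
    int intact = (v >= 0 && read(v, buf, 4) == 4 && !memcmp(buf, "keep", 4));
    if (v >= 0) close(v);
    int f = open_mask_output(d, "fresh");          /* new name: allowed */
    if (f >= 0) close(f);
    unlinkat(d, "out", 0); unlinkat(d, "victim", 0); unlinkat(d, "fresh", 0);
    close(d); rmdir(dir);
    return refused && intact && f >= 0;
}

int main(void) { return demo_symlink_refused() == 1 ? 0 : 1; }
```

Because O_EXCL also refuses existing regular files, a tool that must replace a file would write to a new name this way and then rename() it over the target.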