ed symlink attack
Sean
picasso@madflower.com
Tue, 28 Nov 2000 12:35:22 -0500 (EST)
Im not sure I really want to know how to exploit the security hole in ed's
package when it involves linking..
On 28 Nov 2000, Ben Pfaff wrote:
> Hey Ed, did you notice that someone found that you have a
> security hole? Make sure to upgrade yourself quickly before it
> gets exploited!
>
> Ben
>
> Original message:
> ----------------------------------------------------------------------
> Date: Wed, 29 Nov 2000 02:14:47 +0100
> From: Wichert Akkerman <wichert@cistron.nl>
> To: debian-security-announce@lists.debian.org
>
> Package : ed
> Problem type : symlink attack
> Debian-specific: no
>
> Alan Cox discovered that GNU ed (a classed line editor tool)
> created temporary files unsafely. This has been fixed in version
> 0.2-18.1.
>
> [much snippage]
> ----------------------------------------------------------------------
> _______________________________________________
> linux-user mailing list
> linux-user@egr.msu.edu
> http://www.egr.msu.edu/mailman/listinfo/linux-user
>