Date: Mon, 14 Nov 2005 17:48:34 +0100 From: "Simon L. Nielsen" <simon@FreeBSD.org> To: Dmitry Grigorovich <odip@bionet.nsc.ru> Cc: freebsd-security@freebsd.org Subject: Re: Race condition in Sudo's pathname validation, version <= 1.6.8p9 Message-ID: <20051114164833.GG64196@eddie.nitro.dk> In-Reply-To: <000b01c5e934$4ed79690$160219ac@bionet.nsc.ru> References: <000b01c5e934$4ed79690$160219ac@bionet.nsc.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
--QWpDgw58+k1mSFBj Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2005.11.14 21:58:49 +0600, Dmitry Grigorovich wrote: > http://sudo.ws/sudo/alerts/path_race.html See http://vuxml.FreeBSD.org/3bf157fa-e1c6-11d9-b875-0001020eed82.html for details regarding this vulnerability in the context of the FreeBSD Ports Collection. Note that this is a rather old issue which was published 2005-06-20. --=20 Simon L. Nielsen FreeBSD Security Team --QWpDgw58+k1mSFBj Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDeL/hh9pcDSc1mlERArZBAJ90krnKK2rcMEFa9jwQf/73omaVMQCcCwWf BFFD7e6/aetyXC45f+SpOCg= =I7A1 -----END PGP SIGNATURE----- --QWpDgw58+k1mSFBj--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051114164833.GG64196>