CVE-2000-1134 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2000-1134
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2000-1134

Description: Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.

CVE Status: Candidate

References: SGI REDHAT http://www.redhat.com/support/errata/RHSA-2000-121.html http://www.redhat.com/support/errata/RHSA-2000-117.html OVAL http://oval.mitre.org/oval/definitions/data/oval4047.html MANDRAKE http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3 http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3 FREEBSD DEBIAN http://www.debian.org/security/2000/20001111a CONECTIVA http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000350 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000354 COMPAQ http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html CERT-VN 10277 CALDERA http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt BUGTRAQ http://www.securityfocus.com/archive/1/146657 http://marc.theaimsgroup.com/?l=bugtraq&m=97561816504170&w=2 http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html BID 1926 2006

Return to the previous page.