Re: Race condition in Sudo's pathname validation, version <= 1.6
--QWpDgw58+k1mSFBj
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On 2005.11.14 21:58:49 +0600, Dmitry Grigorovich wrote:
> http://sudo.ws/sudo/alerts/path_race.html
See http://vuxml.FreeBSD.org/3bf157fa-e1c6-11d9-b875-0001020eed82.html
for details regarding this vulnerability in the context of the FreeBSD
Ports Collection.
Note that this is a rather old issue which was published 2005-06-20.
--=20
Simon L. Nielsen
FreeBSD Security Team
--QWpDgw58+k1mSFBj
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)
iD8DBQFDeL/hh9pcDSc1mlERArZBAJ90krnKK2rcMEFa9jwQf/73omaVMQCcCwWf
BFFD7e6/aetyXC45f+SpOCg=
=I7A1
-----END PGP SIGNATURE-----
--QWpDgw58+k1mSFBj--