Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Unix :: General :: netwat-1.htm

Netwatch symlink vulnerability



    Systems running netwatch


    George Sakhnovsky found following.  netwatch 0.7e (latest  version
    on  sunsite  at  moment  of  writing)  creates  a  temp   logfile,
    /tmp/.watchlog.000,  each  time  it's  ran.   It  has  no  problem
    following symlinks, so you can  overwrite any file on the  system.
    Just do ln, and wait for the admin to run it.


    Wait for newer version that wil hopefully fix this.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH