Compaq Tru64 patches for CERT VU#10277

From: Roberts Ross (
Date: 01/30/02

From: Roberts Ross <>
To: "''" <>
Date: Wed, 30 Jan 2002 11:27:26 -0500

Compaq apparently released patches for the above mentioned vulnerability
(and possibly some others) in the last day or two. I saw no mention of this
so I thought I would throw it out.

From the CERT info on the vulnerability:

Vulnerability Note VU#10277
Various shells create temporary files insecurely when using << operator
sh uses /tmp files of a predictable name in creating files for input
redirection using the << operator. for the
patch/security information; for the actual

-Ross Roberts
 Unix/Network Administrator
 Alcatel Telecommunications Cable