[SuSE 9.0] possible symlink attacks in some scripts

• Previous message: Mariusz Woloszyn: "Re: What is the point here?"
• Next in thread: Thomas Biege: "Re: [SuSE 9.0] possible symlink attacks in some scripts"
• Maybe reply: Thomas Biege: "Re: [SuSE 9.0] possible symlink attacks in some scripts"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 20 Jan 2004 14:48:31 -0000
To: bugtraq@securityfocus.com

Product: some scripts shipped with suse 9.0
Date: 20.01.2004
Author: l0om <l0om@excluded.org>
 
greetings,
i have done a litte reseach on a SuSE linux 9.0 box
for possible symlink attacks. i have checked nearly
every script i could found on the system. i havent
found much and nothing very special.i dont have a
clue if the following scripts are somewhere on the
system executed but maybe someone useses them in a
script or something like that.
 
 
**
/usr/X11R6/bin/fvwm-bug
[...]
TEMP=/tmp/fvwm-bug.$$
[...]
cat > $TEMP <<EOF
[...]
 
**
/usr/X11R6/bin/wm-oldmenu2new
[...]
T=/tmp/wmmenu$$
[...]
cp $OLD_MENU $T-c
[...]
 
**
/usr/X11R6/bin/x11perfcomp
[...]
tmp=${TMPDIR-/tmp}/rates.$$
mkdir $tmp || exit 1
[...]
mkdir $tmp/rates
[...]
-l) cp $2 $tmp/labels
[...]
rm -rf $tmp
[...]
 
**
/usr/X11R6/bin/xf86debug
[...]
gdb << EOF &> /tmp/xf86debug.1.log
echo "Debugger output written to /tmp/
xf86debug.1.log." #thx for that info
[...]
 
**
/opt/kde3/bin/winpopup-send.sh
echo "$2" > /tmp/.winpopup-new
echo `date +"%a %l:%m %p"` >> /tmp/.winpopup-new
cat "$1" | tr "\000" "\012" >> /tmp/.winpopup-new
mv -f /tmp/.winpopup-new /tmp/.winpopup
 
**
/sbin/lvmcreate_initrd
[...]
DEVRAM=/tmp/initrd.$$
[...]
verbose "using $DEVRAM as a temporary loopback file"
#thx for that info
dd if=/dev/zero of=$DEVRAM count=$INITRDSIZE bs=1024
> /dev/null 2>&1
[...]
 
********** greets @ proxy, takt, maximilian, sirius,
dna, fe2k, xnet, zexl
                                rest of excluded.org
                     nofx, rancid, bad religion, less
than jake ...
                        www.excluded.org --l0om
                                     have Phun!

• Previous message: Mariusz Woloszyn: "Re: What is the point here?"
• Next in thread: Thomas Biege: "Re: [SuSE 9.0] possible symlink attacks in some scripts"
• Maybe reply: Thomas Biege: "Re: [SuSE 9.0] possible symlink attacks in some scripts"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Firefox 1.5.0.7 RPM ... Especially programs in the background that I might use in scripts ... the upgrade of Firefox broke several extentions I used. ... Motorcycling, Boating and SUSE Linux: ... (alt.os.linux.suse) Seeking advice on shell scripting problem. ... I have a directory filled with about 120 different shell scripts from a ... SCO Opensever box that I'm converting over to SUSE Linux. ... character sequences in echo statements. ... (comp.unix.shell) Re: Suse 8.2: Setting up an ethernet-interface without an ip-address ... [SuSE Linux] ... > Setting up with an ip-address works fine. ... I fear you have to hack the scripts for supporting none, ... (comp.os.linux.networking) Re: Suse 8.2: Setting up an ethernet-interface without an ip-address ... [SuSE Linux] ... > Setting up with an ip-address works fine. ... I fear you have to hack the scripts for supporting none, ... (comp.os.linux.security) Re: Checking if a user has logged in and changed his/her password ... Yes thx I know - checked those first, but I didn't find exactly what I was ... scripts there and make a working one on my own :-) If noone already has one ... >>must change password at next logon" flags set, and if they do write the ... (microsoft.public.windows.server.scripting)