Dmitry Grigorovich
2005-Nov-14 07:59 UTC
Race condition in Sudo's pathname validation, version <= 1.6.8p9
http://sudo.ws/sudo/alerts/path_race.html [ODiP] == Dmitry Grigorovich
Simon L. Nielsen
2005-Nov-14 08:48 UTC
Race condition in Sudo's pathname validation, version <= 1.6.8p9
On 2005.11.14 21:58:49 +0600, Dmitry Grigorovich wrote:> http://sudo.ws/sudo/alerts/path_race.htmlSee http://vuxml.FreeBSD.org/3bf157fa-e1c6-11d9-b875-0001020eed82.html for details regarding this vulnerability in the context of the FreeBSD Ports Collection. Note that this is a rather old issue which was published 2005-06-20. -- Simon L. Nielsen FreeBSD Security Team -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20051114/5da4c5d9/attachment.bin