thr3ads.net - freebsd security - Race condition in Sudo's pathname validation, version <= 1.6.8p9 [Nov 2005]

If this information is useful, please help other people find it:
Share via:

Dmitry Grigorovich

2005-Nov-14 07:59 UTC

Race condition in Sudo's pathname validation, version <= 1.6.8p9

http://sudo.ws/sudo/alerts/path_race.html

[ODiP] == Dmitry Grigorovich

Simon L. Nielsen

2005-Nov-14 08:48 UTC

head link

Race condition in Sudo's pathname validation, version <= 1.6.8p9

On 2005.11.14 21:58:49 +0600, Dmitry Grigorovich wrote:
> http://sudo.ws/sudo/alerts/path_race.html
See http://vuxml.FreeBSD.org/3bf157fa-e1c6-11d9-b875-0001020eed82.html
for details regarding this vulnerability in the context of the FreeBSD
Ports Collection.

Note that this is a rather old issue which was published 2005-06-20.

-- 
Simon L. Nielsen
FreeBSD Security Team
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url :
http://lists.freebsd.org/pipermail/freebsd-security/attachments/20051114/5da4c5d9/attachment.bin

Maybe Matching Threads

Search for more reasonably related threads

freebsd security - Nov 2005 - Race condition in Sudo's pathname validation, version <= 1.6.8p9

Race condition in Sudo's pathname validation, version <= 1.6.8p9

Race condition in Sudo's pathname validation, version <= 1.6.8p9

Maybe Matching Threads