> On Mon, 27 Sep 1999 11:35:44 EDT, Dan Astoorian <[EMAIL PROTECTED]> said: > > A trivial demo program that demonstrates the problem is attached. (It > > needs no special privileges; run it as an unprivileged user in any > > writable directory.) The program reports "okay" under Solaris 2.5.1 and > > IRIX 6.5.2, "vulnerable" under RedHat 6. > > AIX 4.3.2 with all the recent Fixdist patches also says "okay". Linux will also do so very soon. There are no standards issues here just common sense. So Solar's patches for that and mknod are "no brainer" fixes
- [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Marc SPARC
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Tymm Twillman
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy... Solar Designer
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Dan Astoorian
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy... Sean-Paul Rees
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy... Valdis . Kletnieks
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy... Mike Iglesias
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy... Sylvain Robitaille
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabi... Dan Astoorian
- Re: [Fwd: Truth about ssh 1.2.27 vulne... Sylvain Robitaille
- Re: [Fwd: Truth about ssh 1.2.27 vulne... Jeff Long
- Re: [Fwd: Truth about ssh 1.2.27 ... Jeff Long
- Re: [Fwd: Truth about ssh 1.2.27 ... Chris Keane
- Re: [Fwd: Truth about ssh 1.2... Jeff Long
- Re: [Fwd: Truth about ssh 1.2... Sylvain Robitaille
- Re: [Fwd: Truth about ssh 1.2... Dan Astoorian
