Some autochanger scripts allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mtx.##### temporary file. In some of these scripts this issue was corrected so I have wrote patch which should correct the remaining.
More info: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5373 https://bugzilla.redhat.com/show_bug.cgi?id=475469 http://lists.debian.org/debian-devel/2008/08/msg00347.html http://uvw.ru/report.sid.txt Lukáš Nykrýn ------------------------------------------------------------------------------ All of the data generated in your IT infrastructure is seriously valuable. Why? It contains a definitive record of application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-d2dcopy2 _______________________________________________ Bacula-devel mailing list Bacula-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-devel
