RedHat Linux diskcheck Race Condition Vulnerability BugTraq ID: 2050 Remote: No Date Published: 2000-12-05 Relevant URL: http://www.securityfocus.com/bid/2050 Summary: diskcheck.pl is a perl script included as part of the Red Hat Powertools suite, distributed by Red Hat Inc. A condition exists which could allow a user to corrupt arbitrary files on the system. The problem occurs in the creation of a file in the /tmp file system. diskcheck.pl is run hourly, and is designed to send an email to the administrator of the system if any filesystem on the system reaches 90% capacity. The mail generated is moved to a file in /tmp labelled diskusagealert.txt.$$, with $$ representing the process number of the job. Due to the design, it is possible for a malicious user to create a symbolic link to another file on the system to which write access is not permitted, and corrupt the integrity of the linked file. Apache Web Server with Php 3 File Disclosure Vulnerability BugTraq ID: 2060 Remote: Yes Date Published: 2000-12-06 Relevant URL: http://www.securityfocus.com/bid/2060 Summary: Apache Web Server is subject to disclose files to unauthorized users when used in conjunction with the PHP3 script language. By requesting a specially crafted URL by way of php, it is possible for a remote user to gain read access to a known file that resides on the target host. Successful exploitation of this vulnerability could lead to the disclosure of sensitive information and possibly assist in further attacks against the victim. APC apcupsd Local Denial of Service Vulnerability BugTraq ID: 2070 Remote: No Date Published: 2000-12-06 Relevant URL: http://www.securityfocus.com/bid/2070 Summary: A denial-of-service vulnerability exists in certain versions of APC's UPS daemon, apcupsd. apcupsd is the Unix daemon driving various popular models of uninterruptible power supply manufactured by American Power Conversion. It operates under most versions of Linux / Unix. A key configuration file, /var/run/apcupsd.pid, instructs the daemon's scripts which system processes to shut down when the service is restarted or stopped. By default, this file is configured world-writeable. A malicious local user could re-write this file with process IDs corresponding to arbitrary components of the affected system. As a result, these processes, and not apcupsd, could be mistakenly terminated, potentially crashing the system. - Pour poster une annonce: [EMAIL PROTECTED]
