MICHAEL-L Archives

MICHAEL-L@C7LSERV-DEV.NS.UTORONTO.CA


Subject: Summary of CERT CA-96-19: expreserve
From: [log in to unmask] (Norman Wilson)
Date: Thu, 15 Aug 1996 14:09:48 -0400


expreserve, the helper program for vi that recovers the file you
were editing when your connection dropped or the machine crashed,
has been discovered to offer yet another opportunity for someone
with an ordinary login on your system to overwrite any file on the
system (and hence to become super-user as well).  I'm not sure if
this is a new botch, or just a rerun of an old one; expreserve has
been serving up security holes since at least 1983.

According to the advisory:

HP and Sun have patches
DG claims not to be vulnerable, but to have included the fix
in their next release anyway
BSDI, Cray, Digital, IBM, NeXT, OSF, and SCO claim not to be
vulnerable, or to have fixed the problem in their current systems.

If your system is vulnerable, you can paper over the problem by
turning off execute permissions for /usr/lib/expreserve; this will
close the hole, albeit at the cost of disabling vi crash recovery.

For the full text of the advisory, see
	ftp://info.cert.org/pub/cert_advisories/CA-96.19.expreserve
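
The workaround described in the message, written as a check-then-disable helper. This is an added example, not part of the post or the CERT advisory; the function names are hypothetical, and the setuid test assumes expreserve is installed set-user-ID root, which the message does not state.

```shell
#!/bin/sh
# Added example: audit and apply the "turn off execute permissions" workaround.
# Function names are hypothetical; the default path is the one in the message.

# Print the state of the helper binary:
#   absent             file does not exist
#   disabled           no execute bit for anyone (workaround in place)
#   executable         runnable, but not set-user-ID
#   setuid-executable  runnable and set-user-ID (assumed exposed configuration)
expreserve_state() {
    target=${1:-/usr/lib/expreserve}
    [ -e "$target" ] || { echo absent; return 0; }
    # With all three execute bits cleared, nobody can exec the file,
    # not even root, so any single remaining x bit counts as "still runnable".
    if [ -z "$(find "$target" -prune \
            \( -perm -100 -o -perm -010 -o -perm -001 \) -print)" ]; then
        echo disabled
        return 0
    fi
    if [ -n "$(find "$target" -prune -perm -4000 -print)" ]; then
        echo setuid-executable
    else
        echo executable
    fi
}

# Apply the workaround and verify it took effect.
# Cost, as the message notes: vi crash recovery stops working.
disable_expreserve() {
    target=${1:-/usr/lib/expreserve}
    [ -e "$target" ] || return 0
    chmod a-x "$target" || return 1
    [ "$(expreserve_state "$target")" = disabled ]
}

# Report only; changing permissions is left to an explicit
# disable_expreserve call by the administrator.
expreserve_state /usr/lib/expreserve
```

Vendor patches and OS upgrades can reinstall the binary with its original mode, so the state check is worth re-running after each one.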
