Same problem exists in RedHat.

Date: Thu, 31 Aug 2000 23:12:54 -0600
From: Linux Mandrake Security Team <security>
To: Linux Mandrake Security Announcements <security-announce>
Subject: [Security Announce] MDKSA-2000:042 - mgetty update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

Linux-Mandrake Security Update Advisory
________________________________________________________________________

Package name: mgetty
Date: August 31st, 2000
Advisory ID: MDKSA-2000:042

Affected versions: 6.0, 6.1, 7.0, 7.1
________________________________________________________________________

Problem Description:

There is a problem in the mgetty package, which contains a number of
tools for sending and receiving faxes. The faxrunq tool uses a marker
file in the /tmp directory, which is world-writable, in an insecure
fashion. This problem, if exploited, allows malicious users to overwrite
files on the system via a symlink attack which are owned by the user
that is invoking faxrunq. All versions of mgetty prior to 1.1.22 are
vulnerable.
________________________________________________________________________

An errata is being prepped.
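
Added example, not taken from the advisory or from the mgetty sources: two ways a shell script can create a marker file in a world-writable directory without writing through a link that is already sitting at that path. The function names and the file name "marker" are hypothetical; the advisory does not name the path faxrunq uses.

```shell
#!/bin/sh
# Constructed example: safe marker-file creation in a shared directory.
# make_marker, make_private_marker and "marker" are hypothetical names.

# Create marker file $1 only if nothing exists at that path.
# Returns non-zero instead of writing through an existing file or symlink.
make_marker() {
    path=$1
    # Early refusal: -L also catches a symlink whose target does not exist.
    if [ -e "$path" ] || [ -L "$path" ]; then
        return 1
    fi
    # The check above can race with another user, so the write itself
    # must also be safe: under noclobber (set -C) the shell creates the
    # file exclusively and fails if something appeared in the meantime.
    # The subshell keeps the option from leaking into the caller.
    ( set -C; printf '%s\n' "$$" > "$path" ) 2>/dev/null
}

# Preferred form: keep the marker in a directory that only the invoking
# user can write to. mktemp -d creates it with an unpredictable name and
# owner-only permissions, so no other user can place anything inside.
# $1 is the parent directory (default: $TMPDIR or /tmp).
# Prints the marker path on success.
make_private_marker() {
    base=${1:-${TMPDIR:-/tmp}}
    dir=$(mktemp -d "$base/marker.XXXXXX") || return 1
    printf '%s\n' "$$" > "$dir/marker" || return 1
    printf '%s\n' "$dir/marker"
}
```

A script using make_private_marker should remove the directory when it exits, for example from a trap.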