Bug 62055 - A /tmp race condition leads to root
Summary: A /tmp race condition leads to root
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: logwatch
Version: 7.2
Hardware: All
OS: Linux
high
medium
Target Milestone: ---
Assignee: Elliot Lee
QA Contact:
URL:
Whiteboard:
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2002-03-27 02:03 UTC by Spybreak
Modified: 2008-05-01 15:38 UTC (History)
0 users

(edit)
Clone Of:
(edit)
Last Closed: 2002-03-27 15:17:06 UTC


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2002:053 normal SHIPPED_LIVE : Race conditions in logwatch 2002-03-28 05:00:00 UTC
Red Hat Product Errata RHSA-2002:054 normal SHIPPED_LIVE : Race conditions in logwatch 2002-03-28 05:00:00 UTC

Description Spybreak 2002-03-27 02:03:35 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.78 [en] (X11; U; Linux 2.4.7-10 i686)

Description of problem:
On a system running LogWatch, a local user is able to gain
unauthorized root access, due to a race condition during
the temporary directory creation.



Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
Exploit available	

Additional info:

Comment 1 Elliot Lee 2002-03-27 15:17:02 UTC
Please send details to security@redhat.com (and reference this bug #)

Comment 2 Elliot Lee 2002-04-15 16:06:14 UTC
errata fixed this


Note You need to log in before you can comment on or make changes to this bug.