Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

script.command.txt

🗓️ 18 Dec 2001 00:00:00Reported by Marco van BerkumType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 22 Views

Silly hardlink vulnerability in UNIX 'script' command can overwrite files when executed as root.

Code
`-------------------------------------------------------------  
Title: Silly hardlink vulnerability in UNIX 'script' command  
Linux version maintainer: Andries Brouwer ([email protected])  
Bug found by: Marco van Berkum ([email protected])  
Date: 17-12-2001  
Priority: low  
-------------------------------------------------------------  
  
Script command  
--------------  
The script command which is part of the util-linux  
package (all UNICES are vulnerable, not only linux)  
contains a silly hardlink vulnerability which could overwrite  
any file on the harddisk. Script is a tool to save terminal  
sessions for later reference. By default script creates  
a file called typescript for its log.  
  
  
The problem  
-----------  
Very simple, script (when executed as root) overwrites  
hardlinks that could be set by any user to any file on  
the harddisk. For instance, a malicious user can place  
a hardlink 'typescript' to /etc/passwd (or any other file)  
in his home directory. If the root user would execute  
script in that directory it would cause script to  
overwrite that file. Script does check for symlinks and  
asks if the symlink should be overwritten, it lacks  
checking hardlinks.  
  
Priority  
--------  
Low, its not likely that root users execute script  
in a user's home directory. They could though, its  
a minor problem that must be fixed for that reason.  
  
Fix  
---  
The util-linux maintainer was notified and fixed the problem  
in the next version. Still, all UNICES seem to have this  
problem.  
  
Just my 2 cents,  
Marco van Berkum  
--  
_________________________________________________________________  
| Marco van Berkum | [email protected] | 'Error #152 |  
| Security Engineer | MB17300-RIPE | Windows not found |  
| Network Admin | http://ws.obit.nl |(C)heer (P)arty (D)ance'|  
-----------------------------------------------------------------  
  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
18 Dec 2001 00:00Current
7.4High risk
Vulners AI Score7.4
hardlink vulnerabilityunix script commandoverwrite filesroot executionutil-linux packagelow prioritysecurity issuefix implemented.
22