HP-UX PHCO_29697 : HP-UX Running shar(1), Local Execution of Arbitrary Code (HPSBUX00304 SSRT3639 rev.2)

s700800 11.04 VVOS shar1 cumulative patch : shar1 creates tmp files insecurely. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHCO29697. The text itself is copyright C Hewlett-Packard Development Company, L.P...

/bin/ksh creates insecure tmp files

Recently I reported that, similarly to the recently discussed tcsh vulnerability, the Bourne shell /bin/sh creates temporary files in an insecure way: http://www.securityfocus.com/templates/archive.pike?list=1&[email protected] At the time I also tested the Korn...

Solaris 2.72.8 Catman - Local Insecure tmp Symlink

Solaris 2.72.8 Catman - Local Insecure tmp Symlink !/usr/local/bin/perl -w The problem is catman creates files in /tmp insecurly. They are based on the PID of the catman process, catman will happily clobber any files that are symlinked to that file. The idea of this script is to create a block of...