Unzuthorized file access via file stdio decriptors in multiple Unix systems

2007-01-18T00:00:00
ID SECURITYVULNS:VULN:1956
Type securityvulns
Reporter SECURITEAM
Modified 2007-01-18T00:00:00

Description

By exhausting all file descriptors and closing stderr it's possible to causesituation called application will open new file with descriptor 2 and all stderr output will be redirected to file. In few systems it's enougth to close standard descriptor.