Perl vulnerability

ID USN-94-1
Type ubuntu
Reporter Ubuntu
Modified 2005-03-09T00:00:00


Paul Szabo discovered another vulnerability in the rmtree() function
in While a process running as root (or another user)
was busy deleting a directory tree, a different user could exploit a
race condition to create setuid binaries in this directory tree,
provided that he already had write permissions in any subdirectory of
that tree.