Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Another Solaris 10 Patch Cluster Symlink Attack
Aug 09 2012 04:59PM
larry Cashdollar (larry0 me com)
Larry W. Cashdollar
Here is another symlink attack with temp file creation using process id in Solaris 10 patch cluster. You can over write the contents of root owned files with the contents of inetd.conf.
[ more ]
Copyright 2010, SecurityFocus