GNU Emacs Temporary File Creation Vulnerability

To exploit this vulnerability, one would simply need to observe the creation of temporary files in /tmp, note the pattern, and create symbolic links to alternate files on the filesystem. For instance, one could create a symbolic link to ~usertoattack/.rhosts, and gain access to that account.


 

Privacy Statement
Copyright 2010, SecurityFocus