Debian Linux 2.1 dump Symlink Restore Vulnerability

Solution:
Debian has released an upgrade to version 0.41b9-0slink1 of dump.


Debian dump 0.4 b9
  • Debian dump 0.4b9-0slink1
    This version of dump "Uses lchown instead of chown, fixing a possible security problem when restoring symlinks (a malicious user could use this to deliberately corrupt the ownership of important system files)".
    http://www.debian.org/security/1999/19991202



 

Privacy Statement
Copyright 2010, SecurityFocus