| version 1.286, 2000/12/08 04:01:23 |
version 1.287, 2000/12/08 16:13:16 |
|
|
| 1. A symlink problem was discovered in the KerberosIV password checking |
1. A symlink problem was discovered in the KerberosIV password checking |
| routines /usr/bin/su and /usr/bin/login, which makes it possible for a |
routines /usr/bin/su and /usr/bin/login, which makes it possible for a |
| local user to overwrite any file on the local machine.<p> |
local user to overwrite any file on the local machine.<p> |
| 2. It is possible to specify to specify environment variables in telnet |
2. It is possible to specify environment variables in telnet |
| which will be passed over the to the remote host. This makes it |
which will be passed over the to the remote host. This makes it |
| possible to set environment variables on the remote side, including |
possible to set environment variables on the remote side, including |
| ones that have special meaning on the server. It is not clear at this |
ones that have special meaning on the server. It is not clear at this |
![[BACK]](/icons/back.gif){kind=icon}
Return to errata.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www