| version 1.319, 2006/01/05 05:34:08 |
version 1.320, 2006/02/12 10:25:39 |
|
|
| |
|
| <p> |
<p> |
| <ul> |
<ul> |
| |
<li><a href="errata.html#ssh">Feb 12, 2006: |
| |
Josh Bressers has reported a weakness in OpenSSH caused due to the |
| |
insecure use of the system(3) function in scp(1) when performing copy |
| |
operations using filenames that are supplied by the user from the |
| |
command line.</a> |
| <li><a href="errata.html#fd">Jan 5, 2006: |
<li><a href="errata.html#fd">Jan 5, 2006: |
| Do not allow users to trick suid programs into re-opening files via |
Do not allow users to trick suid programs into re-opening files via |
| /dev/fd.</a> |
/dev/fd.</a> |
|
|
| |
|
| <p> |
<p> |
| <ul> |
<ul> |
| |
<li><a href="errata37.html#ssh">Feb 12, 2006: |
| |
Josh Bressers has reported a weakness in OpenSSH caused due to the |
| |
insecure use of the system(3) function in scp(1) when performing copy |
| |
operations using filenames that are supplied by the user from the |
| |
command line.</a> |
| <li><a href="errata37.html#fd">Jan 5, 2006: |
<li><a href="errata37.html#fd">Jan 5, 2006: |
| Do not allow users to trick suid programs into re-opening files via |
Do not allow users to trick suid programs into re-opening files via |
| /dev/fd.</a> |
/dev/fd.</a> |
![[BACK]](/icons/back.gif){kind=icon}
Return to security.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www