Back to search
CVE-2000-1134
Published: Dec 19, 2000
Modified: Aug 8, 2024
PUBLISHED
Description
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20001111a
vendor-advisory
x_refsource_DEBIAN
1926
vdb-entry
x_refsource_BID
CLA-2000:350
vendor-advisory
x_refsource_CONECTIVA
oval:org.mitre.oval:def:4047
vdb-entry
signature
x_refsource_OVAL
SSRT1-41U
vendor-advisory
x_refsource_COMPAQ
2006
vdb-entry
x_refsource_BID
MDKSA-2000-069
vendor-advisory
x_refsource_MANDRAKE
CSSA-2000-042.0
vendor-advisory
x_refsource_CALDERA
RHSA-2000:117
vendor-advisory
x_refsource_REDHAT
VU#10277
third-party-advisory
x_refsource_CERT-VN
20001130 [ADV/EXP]: RH6.x root from bash /tmp vuln + MORE
mailing-list
x_refsource_BUGTRAQ
20001028 tcsh: unsafe tempfile in << redirects
mailing-list
x_refsource_BUGTRAQ
MDKSA-2000:075
vendor-advisory
x_refsource_MANDRAKE
CSSA-2000-043.0
vendor-advisory
x_refsource_CALDERA
20001128 /bin/sh creates insecure tmp files
mailing-list
x_refsource_BUGTRAQ
CLSA-2000:354
vendor-advisory
x_refsource_CONECTIVA
RHSA-2000:121
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now