Linux Security

    Debian: 'fsh' symlink attack

    Date 29 Nov 2000
    Posted By LinuxSecurity Advisories
    New fsh packages exist to fix potential symlink attack vulnerabilities.
    ------------------------------------------------------------------------
    Debian Security Advisory DSA-002-1                                    Wichert Akkerman
    November 30, 2000
    ------------------------------------------------------------------------
    Package        : fsh
    Problem type   : symlink attack
    Debian-specific: no
    Colin Phipps found an interesting symlink attack problem in fsh (a
    tool to quickly run remote commands over rsh/ssh/lsh). When fshd
    starts it creates a directory in /tmp to hold its sockets. It tries
    to do that securely by checking if it can chown that directory if
    it already exists, to check if it is owned by the user invoking it.
    However, an attacker can circumvent this check by inserting a
    symlink to a file that is owned by the user who runs fshd and
    replacing that with a directory just before fshd creates the
    This has been fixed in version
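
One way to create such a per-user socket directory without the check-then-use gap described above, as an added example (this is not fsh's code and not the Debian fix). The names `open_private_dir`, `UnsafeDirectory` and `demo` are hypothetical, the paths are constructed in a scratch directory standing in for /tmp, and a POSIX system is assumed.

```python
import os
import stat
import tempfile

class UnsafeDirectory(Exception):
    """The path is not a private directory owned by the calling user."""

def open_private_dir(path):
    """Create or reuse `path` as a 0700 directory and return an fd to it."""
    try:
        os.mkdir(path, 0o700)   # atomic: fails if any object has this name
    except FileExistsError:
        pass                    # something is there already: verify it below
    try:
        # O_NOFOLLOW rejects a symlink as the final component, O_DIRECTORY
        # rejects non-directories; a chown()/stat() by name would follow it.
        fd = os.open(path, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW)
    except OSError as exc:
        raise UnsafeDirectory(f"{path}: {exc.strerror}") from exc
    st = os.fstat(fd)           # checks the object we opened, not the name
    if st.st_uid != os.geteuid() or stat.S_IMODE(st.st_mode) & 0o077:
        os.close(fd)
        raise UnsafeDirectory(f"{path}: wrong owner or group/other access")
    return fd

def demo():
    """Constructed cases in a scratch directory standing in for /tmp."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        fresh, link, loose, own = (os.path.join(tmp, n) for n in
                                   ("fsh-fresh", "fsh-link", "fsh-loose", "own"))
        os.mkdir(own, 0o700)
        os.symlink(own, link)   # pre-planted link to a directory we own
        os.mkdir(loose)
        os.chmod(loose, 0o755)  # pre-existing directory readable by others
        for name, path in (("fresh", fresh), ("symlink", link), ("loose", loose)):
            try:
                os.close(open_private_dir(path))
                results[name] = "ok"
            except UnsafeDirectory:
                results[name] = "rejected"
    return results

if __name__ == "__main__":
    print(demo())
```

Once the directory has passed these checks, the sticky bit on /tmp prevents other unprivileged users from renaming or removing it, so the validated name stays bound to the validated directory.
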
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    Debian GNU/Linux 2.2 alias potato
    ---------------------------------
      Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
      Source archives:
          MD5 checksum: 278a82a3899974ec60b4f92d3a2d53d7
          MD5 checksum: d2e6eee08ba39ed82b756f39da2a1587
          MD5 checksum: d0ade4d65da92256c110a042479109f1
      Alpha architecture:
          MD5 checksum: 729414dcde81ef4d50681839a8df62a2
      ARM architecture:
          MD5 checksum: 5543a9a61b7af9b48c277f4aca83c75a
      Intel ia32 architecture:
          MD5 checksum: 6d6dd446e87bff6ed57c7176813609c8
      Motorola 680x0 architecture:
          MD5 checksum: 50bce3a431b141e68a3dfdae1b71f5a9
      PowerPC architecture:
          MD5 checksum: 8e99a4a3657fee8d9545099d02526c5b
      Sun Sparc architecture:
          MD5 checksum: fe3de98286cb7d5e83ca00631785adbe
      These files will be moved into*/binary-$arch/ soon.
    For not yet released architectures please refer to the appropriate
    directory$arch/ .
    --
    ----------------------------------------------------------------------------
    apt-get: deb stable/updates main
    dpkg-ftp: dists/stable/updates/main
