Linux Security
    Linux Security
    Linux Security

    Debian: 'joe' symlink vulnerability

    Posted By
    When joe dies to a signal instead of a normal exit it is vulnerable to a symlink attack.
    - ------------------------------------------------------------------------
    Debian Security Advisory                             This email address is being protected from spambots. You need JavaScript enabled to view it.                         Wichert Akkerman
    November 22, 2000
    - ------------------------------------------------------------------------
    Package        : joe
    Problem type   : symlink attack
    Debian-specific: no
    When joe (Joe's Own Editor) dies due to a signal instead of a normal
    exit it saves a list of the files it is editing to a file called `DEADJOE'
    in its current directory. Unfortunately this wasn't done safely which made
    joe vulnerable to a symlink attack.
    This has been fixed in version 2.8-15.1 .
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    Debian GNU/Linux 2.2 alias potato
    - ---------------------------------
      Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
      Source archives:
          MD5 checksum: 94131d7638b028e6bd6f529747b9d318
          MD5 checksum: 5ad45a1fa1a293bef03786f9258bf846
          MD5 checksum: 84c1aebfce7876b8639945da3c29f204
      Alpha architecture:
          MD5 checksum: defbc5c39a2ae8ed000b7b302ecd339f
      ARM architecture:
          MD5 checksum: bcb70726840c2cf11cba068ce2a826be
      Intel ia32 architecture:
          MD5 checksum: 21444255b240be01132208e5cb1d3439
      Motorola 680x0 architecture:
          MD5 checksum: a4b275c324956489bf7558d42a80f22f
      PowerPC architecture:
          MD5 checksum: 689d54abe039ded6e82bf60115737631
      Sun Sparc architecture:
          MD5 checksum: 8846236e9158cf3f3d7f1b8edce73d40
      These files will be moved into*/binary-$arch/ soon.
    For not yet released architectures please refer to the appropriate
    directory$arch/ .
    - -- 
    - ----------------------------------------------------------------------------
    apt-get: deb stable/updates main
    dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

    LinuxSecurity Poll

    Tails is the most secure Linux distro out there.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    [{"id":"142","title":"Yes - Tails get my vote!","votes":"1","type":"x","order":"1","pct":100,"resources":[]},{"id":"143","title":"Nope - Parrot OS has surpassed Tails in its security and privacy.","votes":"0","type":"x","order":"2","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.