Lc.DB — the Linux.com Article Museum
Home:: Authors:: Categories:: Staff:: All Articles Powered by GNU/Linux
Originally published: Thursday, 3 February 2000 Author: Derrick H. Lewis
Published to: news_enhance_security/Security News Page: 1/1   [Standard view]

Debian Security Advisory

[Debian] The apcd package as shipped in Debian GNU/Linux 2.1 is vulnerable to a symlink attack. If the apcd process gets a SIGUSR1 signal it will dump its status to /tmp/upsstat. However this file is not opened safely, which makes it a good target for a symlink attack.

(this article had no body text)

Originally published on Linux.com. Released under the Open Content License unless otherwise stated. Notify Gareth Watts of any errors or copyright violations.