TUCoPS :: Unix :: General :: fsh-1.htm


TUCoPS :: Unix :: General :: fsh-1.htm

Fsh symlink attack 
Vulnerability
 fsh
Affected
 fsh
Description
 Following is based on a Debian Security Advisory DSA-002-1.
 Colin Phipps found an interesting symlink attack problem in fsh (a
 tool to quickly run remote commands over rsh/ssh/lsh). When fshd
 starts it creates a directory in /tmp to hold its sockets. It
 tries to do that securely by checking of it can chown that
 directory if it already exists to check if it is owner by the
 user invoking it. However an attacker can circumvent this check
 by inserting a symlink to a file that is owner by the user who
 runs fhsd and replacing that with a directory just before fshd
 creates the socket.
Solution
 For Debian:
 http://security.debian.org/dists/stable/updates/main/source/fsh_1.0.post.1-3potato.diff.gz
 http://security.debian.org/dists/stable/updates/main/source/fsh_1.0.post.1-3potato.dsc
 http://security.debian.org/dists/stable/updates/main/source/fsh_1.0.post.1.orig.tar.gz
 http://security.debian.org/dists/stable/updates/main/binary-alpha/fsh_1.0.post.1-3potato_alpha.deb
 http://security.debian.org/dists/stable/updates/main/binary-arm/fsh_1.0.post.1-3potato_arm.deb
 http://security.debian.org/dists/stable/updates/main/binary-i386/fsh_1.0.post.1-3potato_i386.deb
 http://security.debian.org/dists/stable/updates/main/binary-m68k/fsh_1.0.post.1-3potato_m68k.deb
 http://security.debian.org/dists/stable/updates/main/binary-powerpc/fsh_1.0.post.1-3potato_powerpc.deb
 http://security.debian.org/dists/stable/updates/main/binary-sparc/fsh_1.0.post.1-3potato_sparc.deb

AltStyle によって変換されたページ (->オリジナル) /

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH