Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Netscape 6 Temp File Symbolic Link Vulnerability

Netscape 6 Temp File Symbolic Link Vulnerability

by Phiber on August 29th, 2001 Netscape 6 creates insecure temporary files when installed on Solaris systems. When installed, the program creates files in the /tmp directory using the admin prefix and process id as the file extension.


A local user that knows an administrator is installing the package could create a range of symbolic links, and potentially cause Netscape to overwrite sensitive system files, resulting in a denial of service. It is unknown whether this affects other UNIX systems.

Solution:

Reboot the system into single user mode and then install Netscape.
Credits go to Larry W. Cashdollar.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »