Date: Sat, 9 Sep 2000 20:44:04 -0400 From: stanislav shalunov <shalunov@INTERNET2.EDU> Subject: Re: tmpwatch: local DoS : fork()bomb as root To: BUGTRAQ@SECURITYFOCUS.COM zenith parsec <zenith_parsec@THE-ASTRONAUT.COM> writes: > Any user with write access to /tmp or /var/tmp can cause redhat 6.1 (and > others runnng tmpwatch from cron) to stop responding, and possibly requre > a hard reboot. The is one of the kinds of vulnerabilities that stmpclean has been designed to avoid. ftp://ftp.mccme.ru/users/shalunov/stmpclean-0.1.tar.gz -- Stanislav Shalunov Internet2 "I didn't attend the funeral, but I sent a nice letter saying that I approved of it." -- Mark Twain