* Thomas Biege wrote on Thu, May 02, 2002 at 15:57 +0200:
Will there be an update from SuSE for mod_frontpage?
No, this bug hasn't a high severity.
It could just be exploited locally and the attacker has to become wwwrun first. Even if the attacker gets access to the victim's machine and manages to become wwwrun, s/he will just get access to UID >= 100.
But that means that exploiting a cgi-bin script in a typical configuration gives the intruder access to any regular user (who have typical UID >= 100). Then the intruder can change their path to contain /tmp/trojaned_ssh/ and put an ssh binary here to get access to the keys or whatever! For me it sounds like high severity.

And for me it sounds like mod_frontpage still wants to be set up setuid=0, which is bad by itself...

oki,

Steffen

--
This letter was generated by machine and therefore bears neither signature nor seal.