Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 9 Jan 2014 17:51:52 +0100
From: Guido Berhoerster <>
Subject: Re: CVE request: tmux local denial of service (2009)

* Florian Weimer <> [2014-01-09 17:39]:
> Alexander Wirt discovered that local users can block other users
> from using tmux by creating suitably named directories in /tmp:
> <>
> This is a minor local denial of service issue.  This was reported
> publicly in 2009, so it receive an ID for that year.
> Corresponding Red Hat bug:
> <>

How is that a DOS? $TMPDIR/tmux-<uid> is merely a default, tmux
allows users to override the socket path using the -S command line
Guido Berhoerster

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.