Bugtraq mailing list archives
Re: /bin/mail Security Hole
From: casper () fwi uva nl (Casper Dik)
Date: Sat, 26 Nov 1994 12:46:59 +0100
Above all, FIX THIS HOLE. As to 8lgm, I definitely supported you in the past, but turning to security through obscurity this late in the game is a turn for the worse. If you have written an exploit, make it public, or do NOT give it to anyone, not even your best friend's dog. There's a lesson to be learned that has been repeated throughout history: give out copies to only a few people, and the entire cracker community will get it. Let's see a few more "all or nothing" commitments from the security community.
A word of caution for people running this script: all mail incoming between starting the script and ending it will be lost. If you interrupt the script, all of your mailbox is left in /tmp.

I think that you'll find that Sun's patch 100224-13 fixes this hole as well as the race condition that existed when writing to /var/spool/mail. There has not yet been a security bulletin on this patch.

I think the race is easier to win than this. All you need is one shot.

Casper
Current thread:
- /bin/mail Security Hole Nathan Lawson (Nov 26)
- Re: /bin/mail Security Hole Casper Dik (Nov 26)
- Re: /bin/mail Security Hole Neil Woods (Nov 26)
- [8lgm]-Advisory-8.UNIX.SunOS-kernel.11-Nov-1994 [8LGM] Security Team (Nov 27)
- [8lgm]-Advisory-9.UNIX.urestore.10-Feb-1993 [8LGM] Security Team (Nov 27)
- [8lgm]-Advisory-13.UNIX.SCO-login.15-Apr-1994 [8LGM] Security Team (Nov 27)