Bugtraq mailing list archives
Re: Vulnerability in Majordomo
From: oxymoron () waste org (Oliver Xymoron)
Date: Tue, 26 Aug 1997 15:19:53 -0500
On Sun, 24 Aug 1997, Razvan Dragomirescu wrote:
> I have discovered a vulnerability in "majordomo" that allows local and remote users to execute commands with the rights of the user running the server. This user is usually in the daemon group, so this can be quite harmful.
This should fix the problem in a fairly straightforward manner: --- majordomo-pre-list-fix Tue Aug 26 14:11:07 1997 +++ majordomo Tue Aug 26 15:06:52 1997 @@ -1374,7 +1374,7 @@ if ($'config_opts{$list, 'advertise'} ne '') { @array = split(/\001/,$'config_opts{$list, 'advertise'}); foreach $i (@array) { - $command = "(q~$reply_addr~ =~ $i)"; + $command = '($reply_addr'." =~ $i)"; $result = 1, last if (eval $command); } } else { $result = 1; } @@ -1384,7 +1384,7 @@ @array = split(/\001/,$'config_opts{$list, 'noadvertise'}); foreach $i (@array) { - $command = "(q~$reply_addr~ =~ $i)"; + $command = '($reply_addr'." =~ $i)"; $result = 0, last if (eval $command); } } -- "Love the dolphins," she advised him. "Write by W.A.S.T.E.."
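Review bot: In the advertise hunk (@@ -1374), the replacement line '($reply_addr'." =~ $i)" only works because the single quotes keep $reply_addr out of the string that eval compiles, and nothing in the code says so. The mixed quoting reads like a typo and is easy to tidy back into one double-quoted string, which would put the address text back into evaluated code. Add a comment above the assignment stating that $reply_addr must reach eval as a variable name, not as its value. Also note that $i, taken from $'config_opts{$list, 'advertise'}, is still interpolated into the evaluated string, so each configured pattern is still compiled as Perl; if that is intended, say so in the change description.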
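Review bot: In the noadvertise hunk (@@ -1384), the value of eval $command is tested without looking at $@, so a pattern from $'config_opts{$list, 'noadvertise'} that fails to compile evaluates to false and is handled as "no match", and $result is never set to 0 for it. Since this line is being rewritten anyway, check $@ after the eval and either log the bad pattern or treat it as a match, so a broken exclusion does not fail open silently. The changed line is also a verbatim copy of the one in the advertise hunk; a small shared helper that takes the pattern and returns the match result would keep the two from drifting apart.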