Bugtraq mailing list archives
Re: majordomo local exploit
From: bsides () TOWERY COM (Brock Sides)
Date: Wed, 29 Dec 1999 10:28:32 -0600
A note to anybody applying this, via patch or otherwise. Don't keep the original resend lying around in the majordomo directory: wrapper assumes everything in that directory is secure, and will gladly execute it.

[brock@o2 brock]$ /usr/freeware/majordomo/wrapper resend.orig '@|id'
uid=1126(majordomo) gid=1(daemon)
resend: must specify '-l list' at /usr/freeware/majordomo-1.94.4/resend.orig line 78.

--
Brock Sides
Unix Systems Administration
Towery Publishing
bsides () towery com

On Wed, 29 Dec 1999, Todd C. Miller wrote:
For those using perl 5.x, you can use sysopen() instead of the "magic" perl open() to fix this. - todd --- resend Thu Aug 19 10:12:03 1999 +++ resend+ Tue Dec 28 23:55:39 1999 @@ -58,7 +58,7 @@ if ($ARGV[0] =~ /^\@/) { $fn = shift(@ARGV); $fn =~ s/^@//; - open(AV, $fn) || die("open(AV, \"$fn\"): $!\nStopped"); + sysopen(AV, $fn, O_RDONLY) || die("sysopen(AV, \"$fn\", O_RDONLY): $!\nStopped"); undef($/); # set input field separator $av = <AV>; # read whole file into string close(AV);
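Review bot: the replacement line passes O_RDONLY to sysopen(), but the hunk does not show that constant being imported anywhere. Unless resend already has "use Fcntl;" near the top, add it in the same patch: under "use strict" the bare O_RDONLY is a compile error, and without strict it is taken as the string "O_RDONLY", which only works because that string evaluates to 0 in numeric context. The die() message is updated consistently with the call, which is good.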
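The difference between the "magic" open() and sysopen() discussed above, as an added example that is not part of the original post or of majordomo. The scratch directory, the marker file name and the harmless touch command (standing in for the '@|id' argument) are constructed for illustration.

```perl
#!/usr/bin/perl
# Added example: how an "@file" argument behaves under two-argument open()
# versus sysopen() and three-argument open(). All names here are constructed.
use strict;
use warnings;
use Fcntl qw(O_RDONLY);            # supplies the O_RDONLY constant
use File::Temp qw(tempdir);

# Work in an empty scratch directory so nothing real can be opened or touched.
my $dir = tempdir(CLEANUP => 1);
chdir($dir) or die "chdir($dir): $!\n";

my $marker = 'marker.txt';
my $arg    = "\@|touch $marker";   # constructed stand-in for '@|id'

(my $fn = $arg) =~ s/^\@//;        # resend strips the leading '@' the same way

sub marker_state { return -e $marker ? 'yes' : 'no' }

# Hardened form: sysopen() treats the whole string as a literal path name.
my $sys_ok  = sysopen(my $sfh, $fn, O_RDONLY);
my $sys_msg = $sys_ok ? 'opened' : "failed: $!";
close($sfh) if $sys_ok;
printf "%-18s %-40s marker created: %s\n",
    'sysopen', $sys_msg, marker_state();

# Three-argument open() with an explicit mode is just as literal.
my $o3_ok  = open(my $fh3, '<', $fn);
my $o3_msg = $o3_ok ? 'opened' : "failed: $!";
close($fh3) if $o3_ok;
printf "%-18s %-40s marker created: %s\n",
    'open (3-arg)', $o3_msg, marker_state();

# Original form: two-argument open() parses the mode out of the string,
# so a leading '|' starts the rest of the string as a command.
my $o2_ok  = open(my $fh2, $fn);
my $o2_msg = $o2_ok ? 'opened (as a pipe to a command)' : "failed: $!";
close($fh2) if $o2_ok;             # close() waits for the child to finish
printf "%-18s %-40s marker created: %s\n",
    'open (2-arg)', $o2_msg, marker_state();
```

Only the two-argument call creates the marker file; the other two fail because no file with that literal name exists in the scratch directory.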