Bugtraq mailing list archives
Re: Authentication failure in cmd5checkpw 0.21
From: Krzysztof Dabrowski <brush () POL PL>
Date: Tue, 17 Oct 2000 11:39:36 +0200
Hello.

I'm the author of both packages (cmd5checkpw and qmail-smtpd-auth). First I would like to thank Javier for acting in a professional way (I got an early warning, I replaced the bugged cmd5checkpw, and after a week he sent the information to Bugtraq).

If you are using cmd5checkpw, be sure to grab the latest 0.22 version from:

http://members.elysium.pl/brush/cmd5checkpw/

>Description:
>This program works as an authentication plug-in for a patch of the same author to add SMTP AUTH support to QMail. I found that if it was fed with a non-existing user name, it would segfault due to the lack of checking for the (improbable?) reason of such an invalid input.

Guess what? Nobody has noticed it, and a lot of people have been using it for the last 10 months. Shame on me for this silly bug, but it was due to a lack of good testing and night coding sessions (we were under spam attack at that time).

>the consequence of this problem; the caller -in this case the patched qmail-smtpd - would take its child crashing as a successful authentication, thus validating the session. This brings an open door for spam.

Yes, and it should be noted that this is the only consequence of this exploit. No break-in possible (AFAIK).

>Even though this utility was fixed, the vulnerability in the patch to qmail-smtpd still remains, leaving the door open to further bugs in the authentication plug-ins.

The qmail-smtpd-auth patch is also fixed now. When the child crashes, it now returns a proper error message. Grab the latest version (0.26) from:

http://members.elysium.pl/brush/qmail-smtpd-auth/

That's it.

Brush

p.s. Any errors in qmail-smtpd-auth are only mine, and not Dan Bernstein's (the original author of qmail). Please do not blame him or waste his time e-mailing about this particular bug.
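As an added example (not code from cmd5checkpw or qmail-smtpd-auth), the C below shows the wait-status check a caller of a checkpassword-style child needs so that a crashed child, like the segfault described in the thread, is classified as an error instead of a successful authentication. The names `auth_result_from_status`, `run_checker` and the stand-in child functions are hypothetical; `abort()` stands in for the real checker's segfault.

```c
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

enum auth_result { AUTH_OK = 0, AUTH_FAIL = 1, AUTH_ERROR = 2 };

/* Map a raw wait() status to an authentication outcome.
 * Only a child that exited normally with code 0 is a success.
 * A non-zero normal exit is a rejected login.
 * Anything else (child killed by a signal such as SIGSEGV) is a
 * checker malfunction and must never be taken as success; this is
 * the distinction the caller in the thread failed to make. */
enum auth_result auth_result_from_status(int status)
{
    if (WIFEXITED(status))
        return WEXITSTATUS(status) == 0 ? AUTH_OK : AUTH_FAIL;
    return AUTH_ERROR; /* WIFSIGNALED(status) or unexpected state */
}

/* Fork a child that runs child_fn in place of a real checkpassword
 * program (hypothetical stand-in so the example runs without qmail),
 * wait for it, and classify the result. fork/wait failures are
 * reported as AUTH_ERROR, never as AUTH_OK. */
enum auth_result run_checker(void (*child_fn)(void))
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return AUTH_ERROR;
    if (pid == 0) {
        child_fn();
        _exit(111); /* not reached: child_fn always terminates */
    }
    if (waitpid(pid, &status, 0) != pid)
        return AUTH_ERROR;
    return auth_result_from_status(status);
}

/* Constructed stand-ins for the three checker behaviours. */
void child_ok(void)    { _exit(0); } /* password accepted */
void child_fail(void)  { _exit(1); } /* password rejected */
void child_crash(void) { abort(); }  /* checker crashes, as 0.21 did on an unknown user */
```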
Current thread:
- Authentication failure in cmd5checkpw 0.21 Javier Kohen (Oct 16)
- <Possible follow-ups>
- Re: Authentication failure in cmd5checkpw 0.21 Krzysztof Dabrowski (Oct 17)