Bugtraq mailing list archives

Re: majordomo 1.94.5 does not fix all vulnerabilities

From: mj () UCW CZ (Martin Mares)
Date: Tue, 25 Jan 2000 22:52:19 +0100


Hello!

If you think about it, this makes daemon and majordomo accounts
interchangeable. If I break daemon, I can become majordomo because of
all the holes in it. If I can become majordomo, I can also become
daemon--I just have to replace the wrapper program with my own binary
(the majordomo directory is owned by majordomo in the default install).


   Another possibility is to drop `wrapper' and use a mail queue management
daemon with a simple setuid utility for inserting new mail to the queue.
See ftp://atrey.karlin.mff.cuni.cz/pub/local/mj/net/usher-1.0.tar.gz
for details.

                                Have a nice fortnight

--
Martin `MJ' Mares   <mj () ucw cz>   http://atrey.karlin.mff.cuni.cz/~mj/
Faculty of Math and Physics, Charles University, Prague, Czech Rep., Earth
"Anyone can build a fast CPU. The trick is to build a fast system." -- S. Cray

Current thread:

Re: usual iploggers miss some variable stealth scans, (continued)
- Re: usual iploggers miss some variable stealth scans Hank Leininger (Jan 18)
- Re: usual iploggers miss some variable stealth scans Oliver Friedrichs (Jan 19)
  - Re: usual iploggers miss some variable stealth scans Ralf Laue (Jan 21)
  - Re: usual iploggers miss some variable stealth scans antirez (Jan 22)
    - Re: usual iploggers miss some variable stealth scans Theo de Raadt (Jan 23)
    - Security Bulletins Digest Aleph One (Jan 24)
    - majordomo 1.94.5 does not fix all vulnerabilities Brock Sides (Jan 24)
    - Re: majordomo 1.94.5 does not fix all vulnerabilities Chan Wilson (Jan 25)
    - Re: majordomo 1.94.5 does not fix all vulnerabilities Dave Barr (Jan 25)
    - Re: majordomo 1.94.5 does not fix all vulnerabilities Olaf Kirch (Jan 25)
    - Re: majordomo 1.94.5 does not fix all vulnerabilities Martin Mares (Jan 25)