Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

sendmail vunerability ?

From: ekbond () PSCEL COM (E Kelly Bond)
Date: Sat, 5 Feb 2000 12:03:24 -0500

I am running Redhat 6.1 with kern 2.2.12-20, and sendmail 8.9.3-15.

I noticed the following in my syslog from last night:

Jan 30 05:15:33 rudolph sendmail[27418]: FAA27418: from=<>,
size=2938,class=0, pri=242938, nrcpts=8, msgid=<ZOKXFgOYpTbyc.UhyP
xLP2r () mail localhost com>, proto=SMTP,
relay=14-100.015.popsite.net[216.126.184.100]
Jan 30 05:15:33 rudolph sendmail[27464]: FAA27418:
forward/var/spool/mail/.forward.rudolph: Group writable directory
Jan 30 05:15:33 rudolph sendmail[27464]: FAA27418:
forward/var/spool/mail/.forward: Group writable directory

Jan 30 05:15:36 rudolph sendmail[27452]: FAA27452: from=<>,
size=2938,class=0, pri=242938, nrcpts=8, msgid=<my65UVbQoJG3c.sZYA
FrpF1 () mail localhost com>, proto=SMTP,
relay=14-100.015.popsite.net[216.126.184.100]
Jan 30 05:15:36 rudolph sendmail[27490]: FAA27452:
forward/var/spool/lpd/.forward.rudolph writable directory
Jan 30 05:15:36 rudolphil[27490]: FAA27452: forward
/var/spool/lpd/.forward:Group writable directory

The ".forward" files were not there at 8 am when i checked the logs and saw
the activity.

Can sendmail be used to create arbitrary directories?

K

<HR NOSHADE>
<UL>
<LI>text/x-vcard attachment: E_Kelly_Bond.vcf
</UL>
Previous By Date Next
Previous By Thread Next

Current thread: