Bugtraq: Re: INN1.4sec on Linux

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: INN1.4sec on Linux

From: barr () math psu edu (Dave Barr)
Date: Mon, 25 Sep 1995 13:48:04 -0400


In message <m0sue0r-00005AC () monad swb de>, Olaf Kirch writes:

there's a problem with INN1.4sec as distributed on sunsite and probably
a number of Linux distributions. Control messages are parsed by shell
scripts, which (at least for some shells) allow remote users to execute
arbitrary commands on your news host.


It should be noted that my INN 1.4unoff2 release includes a fix for
this.  As far as I know, it fixes the problem.

It doesn't include a fix for rnews, however.  I think rnews itself
should clear the environment itself and set the PATH.

--Dave

By Date By Thread

Current thread:

Re: load.root (loadmodule hole), (continued)
- Re: load.root (loadmodule hole) Urban (Sep 15)
  - Re: load.root (loadmodule hole) Fred Blonder (Sep 15)
    - Re: load.root (loadmodule hole) Pat The Friendly RedNeck (Sep 15)
  - Re: load.root (loadmodule hole) Urban (Sep 18)
  - INN1.4sec on Linux Olaf Kirch (Sep 18)
    - Re: INN1.4sec on Linux Dave Barr (Sep 25)
- Re: load.root (loadmodule hole) Brad Powell (Sep 15)
  - Re: load.root (loadmodule hole) Karl Strickland (Sep 17)
  - Re: load.root (loadmodule hole) Casper Dik (Sep 26)
- Re: load.root (loadmodule hole) Brad Powell (Sep 16)
- Re: load.root (loadmodule hole) Dave Mitchell (Sep 18)