Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Vulnerability in Majordomo
From: oxymoron () waste org (Oliver Xymoron)
Date: Tue, 26 Aug 1997 15:19:53 -0500


On Sun, 24 Aug 1997, Razvan Dragomirescu wrote:

I have discovered a vulnerablility in "majordomo" that allows local and
remote users to execute commands with the rights of the user running the
server. This user is usually in the daemon group, so this can be quite
harmful.

This should fix the problem in a fairly straightforward manner:

--- majordomo-pre-list-fix      Tue Aug 26 14:11:07 1997
+++ majordomo   Tue Aug 26 15:06:52 1997
@@ -1374,7 +1374,7 @@
                if ($'config_opts{$list, 'advertise'} ne '') {
                   @array = split(/\001/,$'config_opts{$list,
'advertise'});
                   foreach $i (@array) {
-                     $command = "(q~$reply_addr~ =~ $i)";
+                     $command = '($reply_addr'." =~ $i)";
                      $result = 1, last if (eval $command);
                   }
                 } else { $result = 1; }
@@ -1384,7 +1384,7 @@
                   @array = split(/\001/,$'config_opts{$list,
'noadvertise'});

                   foreach $i (@array) {
-                     $command = "(q~$reply_addr~ =~ $i)";
+                     $command = '($reply_addr'." =~ $i)";
                      $result = 0, last if (eval $command);
                    }
                }

--
 "Love the dolphins," she advised him. "Write by W.A.S.T.E.."



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault