Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: elm filter program
From: wfp5p () CTHULHU ITC VIRGINIA EDU (Bill Pemberton)
Date: Mon, 13 Sep 1999 08:44:00 -0400

Cornelius Krasel writes:


"filter" is inherently unsafe. A bug has been described in 1995 which
allows reading email of anybody on the system. The description can be
found in the BugTraq archives, I believe. I include the full message
below. While it was written in 1995, it still works with the filter
version of Elm 2.4ME+ PL35 (25) which is from 1997. (I don't know
whether there are any more recent elm versions.)



Elm 2.4ME+ PL35 is not the official version of elm.  The official
version of elm is 2.5.2 and does not include the filter program.

--
Bill Pemberton  (Elm Coordinator)              wfp5p () virginia edu
ITC/Unix Systems                               flash () virginia edu
University of Virginia

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]