Bugtraq: Re: majordomo local exploit

From: Chan Wilson <cwilson_at_NEU.SGI.COM>
Date: Fri, 7 Jan 2000 16:27:32 +0100

> The following patch, built upon code and suggestions submitted by
> Henrik Edlund, Henrik Nordstrom, and Andrew Brown, is intended to render
> safe the config file requires, in the seven scripts which use them, in
> the Majordomo 1.94.4 home directory. It also incorporates Todd Miller's
> patch of Dec. 29.

This doesn't address the problem on Unixen that allow one to 'give
away' files. Nor is it compatible with the philosophy that majordomo
1.x should continue to run under perl4.

The proper fix appears to be simply 'chmod 0750 wrapper', perhaps
along with setting the group owner of wrapper to the same as the MTA.

And, of course, restricting access to the majordomo server.

--Chan
        majordomo maintainer.
Received on Jan 07 2000
