home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
QRZ! Ham Radio 4
/
QRZ Ham Radio Callsign Database - Volume 4.iso
/
digests
/
tcp
/
940095.txt
< prev
next >
Wrap
Internet Message Format
|
1994-11-13
|
43KB
Date: Fri, 20 May 94 04:30:08 PDT
From: Advanced Amateur Radio Networking Group <tcp-group@ucsd.edu>
Errors-To: TCP-Group-Errors@UCSD.Edu
Reply-To: TCP-Group@UCSD.Edu
Precedence: Bulk
Subject: TCP-Group Digest V94 #95
To: tcp-group-digest
TCP-Group Digest Fri, 20 May 94 Volume 94 : Issue 95
Today's Topics:
Returned Mail
Unix version of convers? (2 msgs)
Send Replies or notes for publication to: <TCP-Group@UCSD.Edu>.
Subscription requests to <TCP-Group-REQUEST@UCSD.Edu>.
Problems you can't solve otherwise to brian@ucsd.edu.
Archives of past issues of the TCP-Group Digest are available
(by FTP only) from UCSD.Edu in directory "mailarchives".
We trust that readers are intelligent enough to realize that all text
herein consists of personal comments and does not represent the official
policies or positions of any party. Your mileage may vary. So there.
----------------------------------------------------------------------
Date: Thu, 19 May 94 08:31 CDT
From: Postmaster@mail.admin.wisc.edu
Subject: Returned Mail
To: tcp-group@ucsd.edu
Mail could not be delivered to the following
recipients:
RELAY.TCP-GROUP@ADP
-------- Original Message Follows -------
X-ENVELOPE-FROM:<owner-tcp-digest@ucsd.edu>
X-TO:<relay.tcp-group@ADP>
Received: from pgd.adp.wisc.edu by BLUE.ADP.WISC.EDU (IBM MVS SMTP V2R2.1)
with TCP; Thu, 19 May 94 08:29:04 CST
Received: from ucsd.edu by pgd.adp.wisc.edu with SMTP
id AA17543 ; Thu, 19 May 94 07:40:46 CST
Received: by ucsd.edu; id EAA16700
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:08 -0700 for tcp-digest-list
Received: by ucsd.edu; id EAA16686
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:07 -0700 for tcp-group-ddist
Message-Id: <199405191130.EAA16686@ucsd.edu>
Date: Thu, 19 May 94 04:30:05 PDT
From: Advanced Amateur Radio Networking Group <tcp-group@UCSD.EDU>
Errors-To: TCP-Group-Errors@UCSD.EDU
Reply-To: TCP-Group@UCSD.EDU
Precedence: Bulk
Subject: TCP-Group Digest V94 #94
XT: tcp-group-digest@UCSD.EDU
TCP-Group Digest Thu, 19 May 94 Volume 94 : Issue 94
Today's Topics:
UNIVPERM Security Problem (2 msgs)
Send Replies or notes for publication to: <TCP-Group@UCSD.Edu>.
Subscription requests to <TCP-Group-REQUEST@UCSD.Edu>.
Problems you can't solve otherwise to brian@ucsd.edu.
Archives of past issues of the TCP-Group Digest are available
(by FTP only) from UCSD.Edu in directory "mailarchives".
We trust that readers are intelligent enough to realize that all text
herein consists of personal comments and does not represent the official
policies or positions of any party. Your mileage may vary. So there.
----------------------------------------------------------------------
Date: Wed, 18 May 94 14:40:25 CST
From: rtorres@tazz.coacade.uv.mx
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu
Hi Folks!!. I have a security problem with the univperm permission. When it is
set, anyone can access any of the mailboxes by doing this: By example, your
login is root, and password xxxx. Then someone can access your mailbox by
entering 'root<space><space><space><space>xx', and any password he wants.
Off course it can be easily resolved by verifying that the login does not
contain a separator character before accepting it :), returning a 'wrong login'
message or something so. What do you think??
Greetings!!
Roman
-=-=-=-=-=-=-=-=
Roman Torres
Programmer
rtorres@tazz.coacade.uv.mx
Tazz BBS MEXICO
------------------------------
Date: Wed, 18 May 94 17:32:18 HST
From: tony@mpg.phys.hawaii.edu (Antonio Querubin)
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu, nos-bbs@hydra.carleton.ca
> Hi Folks!!. I have a security problem with the univperm permission. When it
is
> set, anyone can access any of the mailboxes by doing this: By example, your
> login is root, and password xxxx. Then someone can access your mailbox by
> entering 'root<space><space><space><space>xx', and any password he wants.
> Off course it can be easily resolved by verifying that the login does not
> contain a separator character before accepting it :), returning a 'wrong
login'
> message or something so. What do you think??
Just put a 'root' entry into ftpusers with an obscure password. Do the same
for any username that has to be secured...
Tony
------------------------------
End of TCP-Group Digest V94 #94
******************************
------------------------------
Date: Thu, 19 May 94 09:41 PDT
From: bob@nyssa.wa7ipx.ampr.org (Bob Finch)
Subject: Unix version of convers?
To: tcp-group@ucsd.edu
Are there Unix implementations of convers servers that work with the
JNOS convers server?
Any pointers to source available by ftp would be appreciated.
73 -- Bob
------------------------------
Date: Thu, 19 May 94 13:12:15 MDT
From: Dieter Deyke <deyke@mdddhd.fc.hp.com>
Subject: Unix version of convers?
To: tcp-group@ucsd.edu
> Are there Unix implementations of convers servers that work with the
> JNOS convers server?
>
> Any pointers to source available by ftp would be appreciated.
Check out WAMPES on UCSD.EDU.
73,
--
Dieter Deyke - deyke@fc.hp.com - dk5sg@db0sao.ampr.org
------------------------------
Date: Thu May 19 13:12:56 GMT 1994
From: smtp@zeus.USG.Sandy.Novell.COM
To: tcp-group@ucsd.edu
>From smtp Thu May 19 07:12 MDT 1994
Received: from UCSD.EDU by mycroft.IS.Sandy.Novell.COM; Thu, 19 May 94 07:12 MDT
Received: from ucsd.edu by ns.Novell.COM (4.1/SMI-4.1)
id AA11128; Thu, 19 May 94 07:07:50 MDT
Received: by ucsd.edu; id EAA16700
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:08 -0700 for tcp-digest-list
Received: by ucsd.edu; id EAA16686
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:07 -0700 for tcp-group-ddist
Errors-To: TCP-Group-Errors@UCSD.EDU
Message-Id: <199405191130.EAA16686@ucsd.edu>
Date: Thu, 19 May 94 04:30:05 PDT
From: Advanced Amateur Radio Networking Group <tcp-group@UCSD.EDU>
Errors-To: TCP-Group-Errors@UCSD.EDU
Reply-To: TCP-Group@UCSD.EDU
Content-Length: 2414
Content-Type: text
Precedence: Bulk
Subject: TCP-Group Digest V94 #94
To: tcp-group-digest@UCSD.EDU
TCP-Group Digest Thu, 19 May 94 Volume 94 : Issue 94
Today's Topics:
UNIVPERM Security Problem (2 msgs)
Send Replies or notes for publication to: <TCP-Group@UCSD.Edu>.
Subscription requests to <TCP-Group-REQUEST@UCSD.Edu>.
Problems you can't solve otherwise to brian@ucsd.edu.
Archives of past issues of the TCP-Group Digest are available
(by FTP only) from UCSD.Edu in directory "mailarchives".
We trust that readers are intelligent enough to realize that all text
herein consists of personal comments and does not represent the official
policies or positions of any party. Your mileage may vary. So there.
----------------------------------------------------------------------
Date: Wed, 18 May 94 14:40:25 CST
From: rtorres@tazz.coacade.uv.mx
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu
Hi Folks!!. I have a security problem with the univperm permission. When it is
set, anyone can access any of the mailboxes by doing this: By example, your
login is root, and password xxxx. Then someone can access your mailbox by
entering 'root<space><space><space><space>xx', and any password he wants.
Off course it can be easily resolved by verifying that the login does not
contain a separator character before accepting it :), returning a 'wrong login'
message or something so. What do you think??
Greetings!!
Roman
-=-=-=-=-=-=-=-=
Roman Torres
Programmer
rtorres@tazz.coacade.uv.mx
Tazz BBS MEXICO
------------------------------
Date: Wed, 18 May 94 17:32:18 HST
From: tony@mpg.phys.hawaii.edu (Antonio Querubin)
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu, nos-bbs@hydra.carleton.ca
> Hi Folks!!. I have a security problem with the univperm permission. When it is
> set, anyone can access any of the mailboxes by doing this: By example, your
> login is root, and password xxxx. Then someone can access your mailbox by
> entering 'root<space><space><space><space>xx', and any password he wants.
> Off course it can be easily resolved by verifying that the login does not
> contain a separator character before accepting it :), returning a 'wrong login'
> message or something so. What do you think??
Just put a 'root' entry into ftpusers with an obscure password. Do the same
for any username that has to be secured...
Tony
------------------------------
End of TCP-Group Digest V94 #94
******************************
------------------------------
Date: Thu May 19 13:28:00 GMT 1994
From: smtp@zeus.USG.Sandy.Novell.COM
To: tcp-group@ucsd.edu
>From smtp Thu May 19 07:27 MDT 1994
Received: from UCSD.EDU by mycroft.IS.Sandy.Novell.COM; Thu, 19 May 94 07:27 MDT
Received: from ucsd.edu by ns.Novell.COM (4.1/SMI-4.1)
id AA11128; Thu, 19 May 94 07:07:50 MDT
Received: by ucsd.edu; id EAA16700
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:08 -0700 for tcp-digest-list
Received: by ucsd.edu; id EAA16686
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:07 -0700 for tcp-group-ddist
Errors-To: TCP-Group-Errors@UCSD.EDU
Message-Id: <199405191130.EAA16686@ucsd.edu>
Date: Thu, 19 May 94 04:30:05 PDT
From: Advanced Amateur Radio Networking Group <tcp-group@UCSD.EDU>
Errors-To: TCP-Group-Errors@UCSD.EDU
Reply-To: TCP-Group@UCSD.EDU
Content-Length: 2414
Content-Type: text
Precedence: Bulk
Subject: TCP-Group Digest V94 #94
To: tcp-group-digest@UCSD.EDU
TCP-Group Digest Thu, 19 May 94 Volume 94 : Issue 94
Today's Topics:
UNIVPERM Security Problem (2 msgs)
Send Replies or notes for publication to: <TCP-Group@UCSD.Edu>.
Subscription requests to <TCP-Group-REQUEST@UCSD.Edu>.
Problems you can't solve otherwise to brian@ucsd.edu.
Archives of past issues of the TCP-Group Digest are available
(by FTP only) from UCSD.Edu in directory "mailarchives".
We trust that readers are intelligent enough to realize that all text
herein consists of personal comments and does not represent the official
policies or positions of any party. Your mileage may vary. So there.
----------------------------------------------------------------------
Date: Wed, 18 May 94 14:40:25 CST
From: rtorres@tazz.coacade.uv.mx
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu
Hi Folks!!. I have a security problem with the univperm permission. When it is
set, anyone can access any of the mailboxes by doing this: By example, your
login is root, and password xxxx. Then someone can access your mailbox by
entering 'root<space><space><space><space>xx', and any password he wants.
Off course it can be easily resolved by verifying that the login does not
contain a separator character before accepting it :), returning a 'wrong login'
message or something so. What do you think??
Greetings!!
Roman
-=-=-=-=-=-=-=-=
Roman Torres
Programmer
rtorres@tazz.coacade.uv.mx
Tazz BBS MEXICO
------------------------------
Date: Wed, 18 May 94 17:32:18 HST
From: tony@mpg.phys.hawaii.edu (Antonio Querubin)
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu, nos-bbs@hydra.carleton.ca
> Hi Folks!!. I have a security problem with the univperm permission. When it is
> set, anyone can access any of the mailboxes by doing this: By example, your
> login is root, and password xxxx. Then someone can access your mailbox by
> entering 'root<space><space><space><space>xx', and any password he wants.
> Off course it can be easily resolved by verifying that the login does not
> contain a separator character before accepting it :), returning a 'wrong login'
> message or something so. What do you think??
Just put a 'root' entry into ftpusers with an obscure password. Do the same
for any username that has to be secured...
Tony
------------------------------
End of TCP-Group Digest V94 #94
******************************
------------------------------
Date: Thu May 19 13:52:17 GMT 1994
From: smtp@zeus.USG.Sandy.Novell.COM
To: tcp-group@ucsd.edu
>From smtp Thu May 19 07:52 MDT 1994
Received: from UCSD.EDU by mycroft.IS.Sandy.Novell.COM; Thu, 19 May 94 07:52 MDT
Received: from ucsd.edu by ns.Novell.COM (4.1/SMI-4.1)
id AA11128; Thu, 19 May 94 07:07:50 MDT
Received: by ucsd.edu; id EAA16700
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:08 -0700 for tcp-digest-list
Received: by ucsd.edu; id EAA16686
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:07 -0700 for tcp-group-ddist
Errors-To: TCP-Group-Errors@UCSD.EDU
Message-Id: <199405191130.EAA16686@ucsd.edu>
Date: Thu, 19 May 94 04:30:05 PDT
From: Advanced Amateur Radio Networking Group <tcp-group@UCSD.EDU>
Errors-To: TCP-Group-Errors@UCSD.EDU
Reply-To: TCP-Group@UCSD.EDU
Content-Length: 2414
Content-Type: text
Precedence: Bulk
Subject: TCP-Group Digest V94 #94
To: tcp-group-digest@UCSD.EDU
TCP-Group Digest Thu, 19 May 94 Volume 94 : Issue 94
Today's Topics:
UNIVPERM Security Problem (2 msgs)
Send Replies or notes for publication to: <TCP-Group@UCSD.Edu>.
Subscription requests to <TCP-Group-REQUEST@UCSD.Edu>.
Problems you can't solve otherwise to brian@ucsd.edu.
Archives of past issues of the TCP-Group Digest are available
(by FTP only) from UCSD.Edu in directory "mailarchives".
We trust that readers are intelligent enough to realize that all text
herein consists of personal comments and does not represent the official
policies or positions of any party. Your mileage may vary. So there.
----------------------------------------------------------------------
Date: Wed, 18 May 94 14:40:25 CST
From: rtorres@tazz.coacade.uv.mx
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu
Hi Folks!!. I have a security problem with the univperm permission. When it is
set, anyone can access any of the mailboxes by doing this: By example, your
login is root, and password xxxx. Then someone can access your mailbox by
entering 'root<space><space><space><space>xx', and any password he wants.
Off course it can be easily resolved by verifying that the login does not
contain a separator character before accepting it :), returning a 'wrong login'
message or something so. What do you think??
Greetings!!
Roman
-=-=-=-=-=-=-=-=
Roman Torres
Programmer
rtorres@tazz.coacade.uv.mx
Tazz BBS MEXICO
------------------------------
Date: Wed, 18 May 94 17:32:18 HST
From: tony@mpg.phys.hawaii.edu (Antonio Querubin)
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu, nos-bbs@hydra.carleton.ca
> Hi Folks!!. I have a security problem with the univperm permission. When it is
> set, anyone can access any of the mailboxes by doing this: By example, your
> login is root, and password xxxx. Then someone can access your mailbox by
> entering 'root<space><space><space><space>xx', and any password he wants.
> Off course it can be easily resolved by verifying that the login does not
> contain a separator character before accepting it :), returning a 'wrong login'
> message or something so. What do you think??
Just put a 'root' entry into ftpusers with an obscure password. Do the same
for any username that has to be secured...
Tony
------------------------------
End of TCP-Group Digest V94 #94
******************************
------------------------------
Date: Thu May 19 14:57:29 GMT 1994
From: smtp@zeus.USG.Sandy.Novell.COM
To: tcp-group@UCSD.EDU
>From smtp Thu May 19 08:57 MDT 1994
Received: from UCSD.EDU by mycroft.IS.Sandy.Novell.COM; Thu, 19 May 94 08:57 MDT
Received: from ucsd.edu by ns.Novell.COM (4.1/SMI-4.1)
id AA11128; Thu, 19 May 94 07:07:50 MDT
Received: by ucsd.edu; id EAA16700
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:08 -0700 for tcp-digest-list
Received: by ucsd.edu; id EAA16686
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:07 -0700 for tcp-group-ddist
Errors-To: TCP-Group-Errors@UCSD.EDU
Message-Id: <199405191130.EAA16686@ucsd.edu>
Date: Thu, 19 May 94 04:30:05 PDT
From: Advanced Amateur Radio Networking Group <tcp-group@UCSD.EDU>
Errors-To: TCP-Group-Errors@UCSD.EDU
Reply-To: TCP-Group@UCSD.EDU
Content-Length: 2414
Content-Type: text
Precedence: Bulk
Subject: TCP-Group Digest V94 #94
To: tcp-group-digest@UCSD.EDU
TCP-Group Digest Thu, 19 May 94 Volume 94 : Issue 94
Today's Topics:
UNIVPERM Security Problem (2 msgs)
Send Replies or notes for publication to: <TCP-Group@UCSD.Edu>.
Subscription requests to <TCP-Group-REQUEST@UCSD.Edu>.
Problems you can't solve otherwise to brian@ucsd.edu.
Archives of past issues of the TCP-Group Digest are available
(by FTP only) from UCSD.Edu in directory "mailarchives".
We trust that readers are intelligent enough to realize that all text
herein consists of personal comments and does not represent the official
policies or positions of any party. Your mileage may vary. So there.
----------------------------------------------------------------------
Date: Wed, 18 May 94 14:40:25 CST
From: rtorres@tazz.coacade.uv.mx
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu
Hi Folks!!. I have a security problem with the univperm permission. When it is
set, anyone can access any of the mailboxes by doing this: By example, your
login is root, and password xxxx. Then someone can access your mailbox by
entering 'root<space><space><space><space>xx', and any password he wants.
Off course it can be easily resolved by verifying that the login does not
contain a separator character before accepting it :), returning a 'wrong login'
message or something so. What do you think??
Greetings!!
Roman
-=-=-=-=-=-=-=-=
Roman Torres
Programmer
rtorres@tazz.coacade.uv.mx
Tazz BBS MEXICO
------------------------------
Date: Wed, 18 May 94 17:32:18 HST
From: tony@mpg.phys.hawaii.edu (Antonio Querubin)
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu, nos-bbs@hydra.carleton.ca
> Hi Folks!!. I have a security problem with the univperm permission. When it is
> set, anyone can access any of the mailboxes by doing this: By example, your
> login is root, and password xxxx. Then someone can access your mailbox by
> entering 'root<space><space><space><space>xx', and any password he wants.
> Off course it can be easily resolved by verifying that the login does not
> contain a separator character before accepting it :), returning a 'wrong login'
> message or something so. What do you think??
Just put a 'root' entry into ftpusers with an obscure password. Do the same
for any username that has to be secured...
Tony
------------------------------
End of TCP-Group Digest V94 #94
******************************
------------------------------
Date: Thu May 19 13:45:01 GMT 1994
From: smtp@zeus.USG.Sandy.Novell.COM
To: tcp-group@UCSD.EDU
>From smtp Thu May 19 07:45 MDT 1994
Received: from UCSD.EDU by mycroft.IS.Sandy.Novell.COM; Thu, 19 May 94 07:45 MDT
Received: from ucsd.edu by ns.Novell.COM (4.1/SMI-4.1)
id AA11128; Thu, 19 May 94 07:07:50 MDT
Received: by ucsd.edu; id EAA16700
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:08 -0700 for tcp-digest-list
Received: by ucsd.edu; id EAA16686
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:07 -0700 for tcp-group-ddist
Errors-To: TCP-Group-Errors@UCSD.EDU
Message-Id: <199405191130.EAA16686@ucsd.edu>
Date: Thu, 19 May 94 04:30:05 PDT
From: Advanced Amateur Radio Networking Group <tcp-group@UCSD.EDU>
Errors-To: TCP-Group-Errors@UCSD.EDU
Reply-To: TCP-Group@UCSD.EDU
Content-Length: 2414
Content-Type: text
Precedence: Bulk
Subject: TCP-Group Digest V94 #94
To: tcp-group-digest@UCSD.EDU
TCP-Group Digest Thu, 19 May 94 Volume 94 : Issue 94
Today's Topics:
UNIVPERM Security Problem (2 msgs)
Send Replies or notes for publication to: <TCP-Group@UCSD.Edu>.
Subscription requests to <TCP-Group-REQUEST@UCSD.Edu>.
Problems you can't solve otherwise to brian@ucsd.edu.
Archives of past issues of the TCP-Group Digest are available
(by FTP only) from UCSD.Edu in directory "mailarchives".
We trust that readers are intelligent enough to realize that all text
herein consists of personal comments and does not represent the official
policies or positions of any party. Your mileage may vary. So there.
----------------------------------------------------------------------
Date: Wed, 18 May 94 14:40:25 CST
From: rtorres@tazz.coacade.uv.mx
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu
Hi Folks!!. I have a security problem with the univperm permission. When it is
set, anyone can access any of the mailboxes by doing this: By example, your
login is root, and password xxxx. Then someone can access your mailbox by
entering 'root<space><space><space><space>xx', and any password he wants.
Off course it can be easily resolved by verifying that the login does not
contain a separator character before accepting it :), returning a 'wrong login'
message or something so. What do you think??
Greetings!!
Roman
-=-=-=-=-=-=-=-=
Roman Torres
Programmer
rtorres@tazz.coacade.uv.mx
Tazz BBS MEXICO
------------------------------
Date: Wed, 18 May 94 17:32:18 HST
From: tony@mpg.phys.hawaii.edu (Antonio Querubin)
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu, nos-bbs@hydra.carleton.ca
> Hi Folks!!. I have a security problem with the univperm permission. When it is
> set, anyone can access any of the mailboxes by doing this: By example, your
> login is root, and password xxxx. Then someone can access your mailbox by
> entering 'root<space><space><space><space>xx', and any password he wants.
> Off course it can be easily resolved by verifying that the login does not
> contain a separator character before accepting it :), returning a 'wrong login'
> message or something so. What do you think??
Just put a 'root' entry into ftpusers with an obscure password. Do the same
for any username that has to be secured...
Tony
------------------------------
End of TCP-Group Digest V94 #94
******************************
------------------------------
Date: Thu May 19 13:58:24 GMT 1994
From: smtp@zeus.USG.Sandy.Novell.COM
To: tcp-group@ucsd.edu
>From smtp Thu May 19 07:58 MDT 1994
Received: from UCSD.EDU by mycroft.IS.Sandy.Novell.COM; Thu, 19 May 94 07:58 MDT
Received: from ucsd.edu by ns.Novell.COM (4.1/SMI-4.1)
id AA11128; Thu, 19 May 94 07:07:50 MDT
Received: by ucsd.edu; id EAA16700
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:08 -0700 for tcp-digest-list
Received: by ucsd.edu; id EAA16686
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:07 -0700 for tcp-group-ddist
Errors-To: TCP-Group-Errors@UCSD.EDU
Message-Id: <199405191130.EAA16686@ucsd.edu>
Date: Thu, 19 May 94 04:30:05 PDT
From: Advanced Amateur Radio Networking Group <tcp-group@UCSD.EDU>
Errors-To: TCP-Group-Errors@UCSD.EDU
Reply-To: TCP-Group@UCSD.EDU
Content-Length: 2414
Content-Type: text
Precedence: Bulk
Subject: TCP-Group Digest V94 #94
To: tcp-group-digest@UCSD.EDU
TCP-Group Digest Thu, 19 May 94 Volume 94 : Issue 94
Today's Topics:
UNIVPERM Security Problem (2 msgs)
Send Replies or notes for publication to: <TCP-Group@UCSD.Edu>.
Subscription requests to <TCP-Group-REQUEST@UCSD.Edu>.
Problems you can't solve otherwise to brian@ucsd.edu.
Archives of past issues of the TCP-Group Digest are available
(by FTP only) from UCSD.Edu in directory "mailarchives".
We trust that readers are intelligent enough to realize that all text
herein consists of personal comments and does not represent the official
policies or positions of any party. Your mileage may vary. So there.
----------------------------------------------------------------------
Date: Wed, 18 May 94 14:40:25 CST
From: rtorres@tazz.coacade.uv.mx
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu
Hi Folks!!. I have a security problem with the univperm permission. When it is
set, anyone can access any of the mailboxes by doing this: By example, your
login is root, and password xxxx. Then someone can access your mailbox by
entering 'root<space><space><space><space>xx', and any password he wants.
Off course it can be easily resolved by verifying that the login does not
contain a separator character before accepting it :), returning a 'wrong login'
message or something so. What do you think??
Greetings!!
Roman
-=-=-=-=-=-=-=-=
Roman Torres
Programmer
rtorres@tazz.coacade.uv.mx
Tazz BBS MEXICO
------------------------------
Date: Wed, 18 May 94 17:32:18 HST
From: tony@mpg.phys.hawaii.edu (Antonio Querubin)
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu, nos-bbs@hydra.carleton.ca
> Hi Folks!!. I have a security problem with the univperm permission. When it is
> set, anyone can access any of the mailboxes by doing this: By example, your
> login is root, and password xxxx. Then someone can access your mailbox by
> entering 'root<space><space><space><space>xx', and any password he wants.
> Off course it can be easily resolved by verifying that the login does not
> contain a separator character before accepting it :), returning a 'wrong login'
> message or something so. What do you think??
Just put a 'root' entry into ftpusers with an obscure password. Do the same
for any username that has to be secured...
Tony
------------------------------
End of TCP-Group Digest V94 #94
******************************
------------------------------
Date: Thu May 19 14:42:52 GMT 1994
From: smtp@zeus.USG.Sandy.Novell.COM
To: tcp-group@ucsd.edu
>From smtp Thu May 19 08:42 MDT 1994
Received: from UCSD.EDU by mycroft.IS.Sandy.Novell.COM; Thu, 19 May 94 08:42 MDT
Received: from ucsd.edu by ns.Novell.COM (4.1/SMI-4.1)
id AA11128; Thu, 19 May 94 07:07:50 MDT
Received: by ucsd.edu; id EAA16700
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:08 -0700 for tcp-digest-list
Received: by ucsd.edu; id EAA16686
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:07 -0700 for tcp-group-ddist
Errors-To: TCP-Group-Errors@UCSD.EDU
Message-Id: <199405191130.EAA16686@ucsd.edu>
Date: Thu, 19 May 94 04:30:05 PDT
From: Advanced Amateur Radio Networking Group <tcp-group@UCSD.EDU>
Errors-To: TCP-Group-Errors@UCSD.EDU
Reply-To: TCP-Group@UCSD.EDU
Content-Length: 2414
Content-Type: text
Precedence: Bulk
Subject: TCP-Group Digest V94 #94
To: tcp-group-digest@UCSD.EDU
TCP-Group Digest Thu, 19 May 94 Volume 94 : Issue 94
Today's Topics:
UNIVPERM Security Problem (2 msgs)
Send Replies or notes for publication to: <TCP-Group@UCSD.Edu>.
Subscription requests to <TCP-Group-REQUEST@UCSD.Edu>.
Problems you can't solve otherwise to brian@ucsd.edu.
Archives of past issues of the TCP-Group Digest are available
(by FTP only) from UCSD.Edu in directory "mailarchives".
We trust that readers are intelligent enough to realize that all text
herein consists of personal comments and does not represent the official
policies or positions of any party. Your mileage may vary. So there.
----------------------------------------------------------------------
Date: Wed, 18 May 94 14:40:25 CST
From: rtorres@tazz.coacade.uv.mx
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu
Hi Folks!!. I have a security problem with the univperm permission. When it is
set, anyone can access any of the mailboxes by doing this: By example, your
login is root, and password xxxx. Then someone can access your mailbox by
entering 'root<space><space><space><space>xx', and any password he wants.
Off course it can be easily resolved by verifying that the login does not
contain a separator character before accepting it :), returning a 'wrong login'
message or something so. What do you think??
Greetings!!
Roman
-=-=-=-=-=-=-=-=
Roman Torres
Programmer
rtorres@tazz.coacade.uv.mx
Tazz BBS MEXICO
------------------------------
Date: Wed, 18 May 94 17:32:18 HST
From: tony@mpg.phys.hawaii.edu (Antonio Querubin)
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu, nos-bbs@hydra.carleton.ca
> Hi Folks!!. I have a security problem with the univperm permission. When it is
> set, anyone can access any of the mailboxes by doing this: By example, your
> login is root, and password xxxx. Then someone can access your mailbox by
> entering 'root<space><space><space><space>xx', and any password he wants.
> Off course it can be easily resolved by verifying that the login does not
> contain a separator character before accepting it :), returning a 'wrong login'
> message or something so. What do you think??
Just put a 'root' entry into ftpusers with an obscure password. Do the same
for any username that has to be secured...
Tony
------------------------------
End of TCP-Group Digest V94 #94
******************************
------------------------------
Date: Thu May 19 14:32:58 GMT 1994
From: smtp@zeus.USG.Sandy.Novell.COM
To: tcp-group@ucsd.edu
>From smtp Thu May 19 08:32 MDT 1994
Received: from UCSD.EDU by mycroft.IS.Sandy.Novell.COM; Thu, 19 May 94 08:32 MDT
Received: from ucsd.edu by ns.Novell.COM (4.1/SMI-4.1)
id AA11128; Thu, 19 May 94 07:07:50 MDT
Received: by ucsd.edu; id EAA16700
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:08 -0700 for tcp-digest-list
Received: by ucsd.edu; id EAA16686
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:07 -0700 for tcp-group-ddist
Errors-To: TCP-Group-Errors@UCSD.EDU
Message-Id: <199405191130.EAA16686@ucsd.edu>
Date: Thu, 19 May 94 04:30:05 PDT
From: Advanced Amateur Radio Networking Group <tcp-group@UCSD.EDU>
Errors-To: TCP-Group-Errors@UCSD.EDU
Reply-To: TCP-Group@UCSD.EDU
Content-Length: 2414
Content-Type: text
Precedence: Bulk
Subject: TCP-Group Digest V94 #94
To: tcp-group-digest@UCSD.EDU
TCP-Group Digest Thu, 19 May 94 Volume 94 : Issue 94
Today's Topics:
UNIVPERM Security Problem (2 msgs)
Send Replies or notes for publication to: <TCP-Group@UCSD.Edu>.
Subscription requests to <TCP-Group-REQUEST@UCSD.Edu>.
Problems you can't solve otherwise to brian@ucsd.edu.
Archives of past issues of the TCP-Group Digest are available
(by FTP only) from UCSD.Edu in directory "mailarchives".
We trust that readers are intelligent enough to realize that all text
herein consists of personal comments and does not represent the official
policies or positions of any party. Your mileage may vary. So there.
----------------------------------------------------------------------
Date: Wed, 18 May 94 14:40:25 CST
From: rtorres@tazz.coacade.uv.mx
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu
Hi Folks!!. I have a security problem with the univperm permission. When it is
set, anyone can access any of the mailboxes by doing this: By example, your
login is root, and password xxxx. Then someone can access your mailbox by
entering 'root<space><space><space><space>xx', and any password he wants.
Off course it can be easily resolved by verifying that the login does not
contain a separator character before accepting it :), returning a 'wrong login'
message or something so. What do you think??
Greetings!!
Roman
-=-=-=-=-=-=-=-=
Roman Torres
Programmer
rtorres@tazz.coacade.uv.mx
Tazz BBS MEXICO
------------------------------
Date: Wed, 18 May 94 17:32:18 HST
From: tony@mpg.phys.hawaii.edu (Antonio Querubin)
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu, nos-bbs@hydra.carleton.ca
> Hi Folks!!. I have a security problem with the univperm permission. When it is
> set, anyone can access any of the mailboxes by doing this: By example, your
> login is root, and password xxxx. Then someone can access your mailbox by
> entering 'root<space><space><space><space>xx', and any password he wants.
> Off course it can be easily resolved by verifying that the login does not
> contain a separator character before accepting it :), returning a 'wrong login'
> message or something so. What do you think??
Just put a 'root' entry into ftpusers with an obscure password. Do the same
for any username that has to be secured...
Tony
------------------------------
End of TCP-Group Digest V94 #94
******************************
------------------------------
Date: Thu May 19 14:12:30 GMT 1994
From: smtp@zeus.USG.Sandy.Novell.COM
To: tcp-group@UCSD.EDU
>From smtp Thu May 19 08:12 MDT 1994
Received: from UCSD.EDU by mycroft.IS.Sandy.Novell.COM; Thu, 19 May 94 08:12 MDT
Received: from ucsd.edu by ns.Novell.COM (4.1/SMI-4.1)
id AA11128; Thu, 19 May 94 07:07:50 MDT
Received: by ucsd.edu; id EAA16700
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:08 -0700 for tcp-digest-list
Received: by ucsd.edu; id EAA16686
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:07 -0700 for tcp-group-ddist
Errors-To: TCP-Group-Errors@UCSD.EDU
Message-Id: <199405191130.EAA16686@ucsd.edu>
Date: Thu, 19 May 94 04:30:05 PDT
From: Advanced Amateur Radio Networking Group <tcp-group@UCSD.EDU>
Errors-To: TCP-Group-Errors@UCSD.EDU
Reply-To: TCP-Group@UCSD.EDU
Content-Length: 2414
Content-Type: text
Precedence: Bulk
Subject: TCP-Group Digest V94 #94
To: tcp-group-digest@UCSD.EDU
TCP-Group Digest Thu, 19 May 94 Volume 94 : Issue 94
Today's Topics:
UNIVPERM Security Problem (2 msgs)
Send Replies or notes for publication to: <TCP-Group@UCSD.Edu>.
Subscription requests to <TCP-Group-REQUEST@UCSD.Edu>.
Problems you can't solve otherwise to brian@ucsd.edu.
Archives of past issues of the TCP-Group Digest are available
(by FTP only) from UCSD.Edu in directory "mailarchives".
We trust that readers are intelligent enough to realize that all text
herein consists of personal comments and does not represent the official
policies or positions of any party. Your mileage may vary. So there.
----------------------------------------------------------------------
Date: Wed, 18 May 94 14:40:25 CST
From: rtorres@tazz.coacade.uv.mx
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu
Hi Folks!!. I have a security problem with the univperm permission. When it is
set, anyone can access any of the mailboxes by doing this: By example, your
login is root, and password xxxx. Then someone can access your mailbox by
entering 'root<space><space><space><space>xx', and any password he wants.
Off course it can be easily resolved by verifying that the login does not
contain a separator character before accepting it :), returning a 'wrong login'
message or something so. What do you think??
Greetings!!
Roman
-=-=-=-=-=-=-=-=
Roman Torres
Programmer
rtorres@tazz.coacade.uv.mx
Tazz BBS MEXICO
------------------------------
Date: Wed, 18 May 94 17:32:18 HST
From: tony@mpg.phys.hawaii.edu (Antonio Querubin)
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu, nos-bbs@hydra.carleton.ca
> Hi Folks!!. I have a security problem with the univperm permission. When it is
> set, anyone can access any of the mailboxes by doing this: By example, your
> login is root, and password xxxx. Then someone can access your mailbox by
> entering 'root<space><space><space><space>xx', and any password he wants.
> Off course it can be easily resolved by verifying that the login does not
> contain a separator character before accepting it :), returning a 'wrong login'
> message or something so. What do you think??
Just put a 'root' entry into ftpusers with an obscure password. Do the same
for any username that has to be secured...
Tony
------------------------------
End of TCP-Group Digest V94 #94
******************************
------------------------------
Date: Thu May 19 14:49:26 GMT 1994
From: smtp@zeus.USG.Sandy.Novell.COM
To: tcp-group@UCSD.EDU
>From smtp Thu May 19 08:49 MDT 1994
Received: from UCSD.EDU by mycroft.IS.Sandy.Novell.COM; Thu, 19 May 94 08:49 MDT
Received: from ucsd.edu by ns.Novell.COM (4.1/SMI-4.1)
id AA11128; Thu, 19 May 94 07:07:50 MDT
Received: by ucsd.edu; id EAA16700
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:08 -0700 for tcp-digest-list
Received: by ucsd.edu; id EAA16686
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:07 -0700 for tcp-group-ddist
Errors-To: TCP-Group-Errors@UCSD.EDU
Message-Id: <199405191130.EAA16686@ucsd.edu>
Date: Thu, 19 May 94 04:30:05 PDT
From: Advanced Amateur Radio Networking Group <tcp-group@UCSD.EDU>
Errors-To: TCP-Group-Errors@UCSD.EDU
Reply-To: TCP-Group@UCSD.EDU
Content-Length: 2414
Content-Type: text
Precedence: Bulk
Subject: TCP-Group Digest V94 #94
To: tcp-group-digest@UCSD.EDU
TCP-Group Digest Thu, 19 May 94 Volume 94 : Issue 94
Today's Topics:
UNIVPERM Security Problem (2 msgs)
Send Replies or notes for publication to: <TCP-Group@UCSD.Edu>.
Subscription requests to <TCP-Group-REQUEST@UCSD.Edu>.
Problems you can't solve otherwise to brian@ucsd.edu.
Archives of past issues of the TCP-Group Digest are available
(by FTP only) from UCSD.Edu in directory "mailarchives".
We trust that readers are intelligent enough to realize that all text
herein consists of personal comments and does not represent the official
policies or positions of any party. Your mileage may vary. So there.
----------------------------------------------------------------------
Date: Wed, 18 May 94 14:40:25 CST
From: rtorres@tazz.coacade.uv.mx
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu
Hi Folks!!. I have a security problem with the univperm permission. When it is
set, anyone can access any of the mailboxes by doing this: By example, your
login is root, and password xxxx. Then someone can access your mailbox by
entering 'root<space><space><space><space>xx', and any password he wants.
Off course it can be easily resolved by verifying that the login does not
contain a separator character before accepting it :), returning a 'wrong login'
message or something so. What do you think??
Greetings!!
Roman
-=-=-=-=-=-=-=-=
Roman Torres
Programmer
rtorres@tazz.coacade.uv.mx
Tazz BBS MEXICO
------------------------------
Date: Wed, 18 May 94 17:32:18 HST
From: tony@mpg.phys.hawaii.edu (Antonio Querubin)
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu, nos-bbs@hydra.carleton.ca
> Hi Folks!!. I have a security problem with the univperm permission. When it is
> set, anyone can access any of the mailboxes by doing this: By example, your
> login is root, and password xxxx. Then someone can access your mailbox by
> entering 'root<space><space><space><space>xx', and any password he wants.
> Off course it can be easily resolved by verifying that the login does not
> contain a separator character before accepting it :), returning a 'wrong login'
> message or something so. What do you think??
Just put a 'root' entry into ftpusers with an obscure password. Do the same
for any username that has to be secured...
Tony
------------------------------
End of TCP-Group Digest V94 #94
******************************
------------------------------
Date: Thu May 19 14:28:05 GMT 1994
From: smtp@zeus.USG.Sandy.Novell.COM
To: tcp-group@ucsd.edu
>From smtp Thu May 19 08:28 MDT 1994
Received: from UCSD.EDU by mycroft.IS.Sandy.Novell.COM; Thu, 19 May 94 08:28 MDT
Received: from ucsd.edu by ns.Novell.COM (4.1/SMI-4.1)
id AA11128; Thu, 19 May 94 07:07:50 MDT
Received: by ucsd.edu; id EAA16700
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:08 -0700 for tcp-digest-list
Received: by ucsd.edu; id EAA16686
sendmail 8.6.9/UCSD-2.2-sun
Thu, 19 May 1994 04:30:07 -0700 for tcp-group-ddist
Errors-To: TCP-Group-Errors@UCSD.EDU
Message-Id: <199405191130.EAA16686@ucsd.edu>
Date: Thu, 19 May 94 04:30:05 PDT
From: Advanced Amateur Radio Networking Group <tcp-group@UCSD.EDU>
Errors-To: TCP-Group-Errors@UCSD.EDU
Reply-To: TCP-Group@UCSD.EDU
Content-Length: 2414
Content-Type: text
Precedence: Bulk
Subject: TCP-Group Digest V94 #94
To: tcp-group-digest@UCSD.EDU
TCP-Group Digest Thu, 19 May 94 Volume 94 : Issue 94
Today's Topics:
UNIVPERM Security Problem (2 msgs)
Send Replies or notes for publication to: <TCP-Group@UCSD.Edu>.
Subscription requests to <TCP-Group-REQUEST@UCSD.Edu>.
Problems you can't solve otherwise to brian@ucsd.edu.
Archives of past issues of the TCP-Group Digest are available
(by FTP only) from UCSD.Edu in directory "mailarchives".
We trust that readers are intelligent enough to realize that all text
herein consists of personal comments and does not represent the official
policies or positions of any party. Your mileage may vary. So there.
----------------------------------------------------------------------
Date: Wed, 18 May 94 14:40:25 CST
From: rtorres@tazz.coacade.uv.mx
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu
Hi Folks!!. I have a security problem with the univperm permission. When it is
set, anyone can access any of the mailboxes by doing this: By example, your
login is root, and password xxxx. Then someone can access your mailbox by
entering 'root<space><space><space><space>xx', and any password he wants.
Off course it can be easily resolved by verifying that the login does not
contain a separator character before accepting it :), returning a 'wrong login'
message or something so. What do you think??
Greetings!!
Roman
-=-=-=-=-=-=-=-=
Roman Torres
Programmer
rtorres@tazz.coacade.uv.mx
Tazz BBS MEXICO
------------------------------
Date: Wed, 18 May 94 17:32:18 HST
From: tony@mpg.phys.hawaii.edu (Antonio Querubin)
Subject: UNIVPERM Security Problem
To: tcpgroup@ucsd.edu, nos-bbs@hydra.carleton.ca
> Hi Folks!!. I have a security problem with the univperm permission. When it is
> set, anyone can access any of the mailboxes by doing this: By example, your
> login is root, and password xxxx. Then someone can access your mailbox by
> entering 'root<space><space><space><space>xx', and any password he wants.
> Off course it can be easily resolved by verifying that the login does not
> contain a separator character before accepting it :), returning a 'wrong login'
> message or something so. What do you think??
Just put a 'root' entry into ftpusers with an obscure password. Do the same
for any username that has to be secured...
Tony
------------------------------
End of TCP-Group Digest V94 #94
******************************
------------------------------
Date: Thu, 19 May 1994 14:19:00 -0700 (PDT)
From: "Muenzler, Kevin" <MUENZLERK@uthscsa.edu>
To: tcp list server <tcp-group@ucsd.edu>
delete tcp-group
------------------------------
Date: Thu, 19 May 1994 15:20:00 -0700 (PDT)
From: "Muenzler, Kevin" <MUENZLERK@uthscsa.edu>
To: tcp list server <tcp-group@ucsd.edu>
DELETE TCP-GROUP
------------------------------
Date: Thu, 19 May 1994 16:26:00 -0700 (PDT)
From: "Muenzler, Kevin" <MUENZLERK@uthscsa.edu>
To: tcp list server <tcp-group@UCSD.EDU>
help
------------------------------
End of TCP-Group Digest V94 #95
******************************