security problem w/ smail

james w abendschan (jwa@pine.cse.nau.edu)
Tue, 27 Sep 1994 10:26:28 -0700

I've discovered a bug in smail 3.1.28.1 -- it allows any local user
to read any file.  A quick way to fix this is to put -smtp_debug
in your smail config.

I'll post an exploit script after a couple of days -- enough time 
hopefully for people to take some action.

I've also tried to contact the makers of smail, but the only address
I have [smail-bugs@veritas.com] bounces.  Anyone who has a more
accurate address, please mail me with it.

FYI, many Linux distributions ship with smail 3.1.28.1.

James


-- 
James Abendschan         jwa@pine.cse.nau.edu         change for the machines