|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Multiply bugs in MH-6.8.3 (Mail Handler program)
Alan Cox (alan
LXORGUK.UKUU.ORG.UK)Mon, 28 Jul 1997 23:27:48 +0100
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: David Sacerdote: "Re: SNI-16: INN News Server Security Advisory (fwd)"
- Previous message: Isaac: "Sun CDE 1.0.1: login bug"
- In reply to: nolanderNOLANDER.PP.SE: "Re: Multiply bugs in MH-6.8.3 (Mail Handler program)"
- Next in thread: Matt Conover: "Re: Multiply bugs in MH-6.8.3 (Mail Handler program)"
> ruserpass(host,&user,&pass); is found in msgchk.c, in checkremote() or > something like that... meaning that the host aren't vulnerable if not > configured.. this is from a system where mh was installed w/o being Also that means ruserpass() from libc isnt being used which is probably bad as most libc's have this fixed. (The hole above btw is in all the old BSD derived libc's) but very very few current ones.
- Next message: David Sacerdote: "Re: SNI-16: INN News Server Security Advisory (fwd)"
- Previous message: Isaac: "Sun CDE 1.0.1: login bug"
- In reply to: nolanderNOLANDER.PP.SE: "Re: Multiply bugs in MH-6.8.3 (Mail Handler program)"
- Next in thread: Matt Conover: "Re: Multiply bugs in MH-6.8.3 (Mail Handler program)"