Bugtraq archives for 1st quarter (Jan-Mar) 1998: Re: An exploit for linux mh ver 6.8.4-5 ( update ) ...

Re: An exploit for linux mh ver 6.8.4-5 ( update ) ...

Miquel van Smoorenburg (miquelsCISTRON.NL)
Mon, 23 Mar 1998 13:16:46 +0100

In article <6f1d0j$8n9$1defiant.cistron.nl>,
Miquel van Smoorenburg <miquelsCISTRON.NL> wrote:
>In article <Pine.LNX.3.96.980321161207.2339A-100000mercury.redhat.com>,
>Erik Troan <ewtREDHAT.COM> wrote:
>>On Sat, 21 Mar 1998, Catalin Mitrofan wrote:
>>
>>> host (user):~>. .mh_profile
>>> bash#
>>
>>Thanks for finding this -- I just put a fix on ftp.redhat.com.
>
>I've tried this with the Debian mh_6.8.4-17 package, and nothing happens.
>(It prints a lot of junk and then exits).  Also, mh_check is installed setgid
>mail, not setuid root.

I have checked the source, and the RedHat fix. It appears that the Debian
mh_6.8.4-17 *is* vulnerable, but not with Catalin's exploit (would probably
work with some hacking).

I've placed a bug report, and a patch, with severity "critical" into
Debian's bug system. There should be a fix soon.

Mike.
--
 Miquel van Smoorenburg | Our vision is to speed up time,
    miquelscistron.nl  |   eventually eliminating it.