|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: majordomo local exploit
Subject: Re: majordomo local exploit
From: Taneli Huuskonen (huuskone
CC.HELSINKI.FI)
Date: Wed Dec 29 1999 - 09:30:15 CST
- Next message: rudi carell: "AltaVista"
- Previous message: Christopher X. Candreva: "Re: majordomo local exploit"
- In reply to: Todd C. Miller: "Re: majordomo local exploit"
- Next in thread: Coolio: "Re: majordomo local exploit"
- Next in thread: Brock Sides: "Re: majordomo local exploit"
- Next in thread: Christopher Schulte: "Re: majordomo local exploit"
- Reply: Taneli Huuskonen: "Re: majordomo local exploit"
- Reply: Coolio: "Re: majordomo local exploit"
- Reply: Henrik Edlund: "Re: majordomo local exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
-----BEGIN PGP SIGNED MESSAGE-----
"Todd C. Miller" <Todd.MillerCOURTESAN.COM> wrote:
> For those using perl 5.x, you can use sysopen() instead of the "magic"
> perl open() to fix this.
I'm afraid that wouldn't help much, as you can supply any pathname as
the -C (configuration file) argument:
/path/to/majordomo/wrapper resend -l foobar -C /tmp/evilhack.pl
I tested this with version 1.94.1, but the same behaviour seems to be
there in 1.94.4, as far as I can tell by the source.
Taneli Huuskonen
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQB1AwUBOGoorAUw3ir1nvhZAQF31gL9HRxD8LOVsilgTuj5iRRTHdhI0cGS7AF/
cBzVkofDCcu4UamxZj7weOqK//EbHPjEuFE7ABW4sb4CHXigA0rVuc/B2QKntX7A
UmceOIjDSU8iVj5FqFkbo9u3uysC8ngl
=Iy7+
-----END PGP SIGNATURE-----
-- I don't | All messages will be PGP signed, | Fight for your right to speak for | encrypted mail preferred. Keys: | use sealed envelopes. the Uni. | http://www.helsinki.fi/~huuskone/ | http://www.gilc.org/
- Next message: rudi carell: "AltaVista"
- Previous message: Christopher X. Candreva: "Re: majordomo local exploit"
- In reply to: Todd C. Miller: "Re: majordomo local exploit"
- Next in thread: Coolio: "Re: majordomo local exploit"
- Next in thread: Brock Sides: "Re: majordomo local exploit"
- Next in thread: Christopher Schulte: "Re: majordomo local exploit"
- Reply: Taneli Huuskonen: "Re: majordomo local exploit"
- Reply: Coolio: "Re: majordomo local exploit"
- Reply: Henrik Edlund: "Re: majordomo local exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Wed Dec 29 1999 - 19:33:24 CST