|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: R: Majordomo filenames used as passwords
From: John Ritchie (ritchiej
OSSHE.EDU)Date: Tue Dec 05 2000 - 09:48:05 CST
- Next message: Zoa_Chien: "Serv-U FTP directory traversal vunerability (all versions)"
- Previous message: Radu-Adrian Feurdean: "Re: Slack-7.0/Apache-1.3.12/PHP-3.0.16 remote exploit"
- In reply to: Raistlin: "R: Majordomo filenames used as passwords"
- Reply: John Ritchie: "Re: R: Majordomo filenames used as passwords"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sun, 3 Dec 2000, Raistlin wrote:
> > This was reported TWICE, by two different people, in 1995. None of the
> posts
> > even got a reply. The bug has been confirmed on a live majordomo 1.94.3
> and
> > the code looks the same for 1.94.5 (the latest).
>
> I was unable to reproduce this behaviour on a Majordomo 1.94.4
>
> Did you actually test it out on a 1.94.5 ? If so, they have reintroduced a
> bug...
>
> Raistlin
>
>
I can reproduce this on 1.94.5.
It also appears that issuing the "passwd" command changes only the
password in the listname.passwd file, not the admin_passwd entry in the
listname.config file.
John Ritchie
- Next message: Zoa_Chien: "Serv-U FTP directory traversal vunerability (all versions)"
- Previous message: Radu-Adrian Feurdean: "Re: Slack-7.0/Apache-1.3.12/PHP-3.0.16 remote exploit"
- In reply to: Raistlin: "R: Majordomo filenames used as passwords"
- Reply: John Ritchie: "Re: R: Majordomo filenames used as passwords"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]