|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Seth Arnold (sarnold
wirex.com)Date: Thu Jan 17 2002 - 17:32:03 CST
Crispin is correct; neither the recent sudo nor pine vulnerabilities are
buffer overflows. Pine performed no or poor shell metacharacter
elimination before calling a function such as system(3).
The sudo problem is similar -- sudo doesn't clean the environment before
sending mail, using the configured path for 'sendmail'. The only method
of exploiting this currently known is through the postfix MTA; those of
you who have installed postfix can add the following rules to your
sudoers file until I make updated packages available that clean the
environment before running sendmail:
(well, even if you don't have postfix installed, you can put these lines
in your sudoers file (use visudo) if you don't trust your MTA to handle
its environment with care. :)
Defaults !mail_always
Defaults !mail_no_user
Defaults !mail_no_host
Defaults !mail_no_perms
Cheers
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8R17y1XMg6PgdEDQRAiPzAJwJrkTgUXtT2tvGnAPVn1s3ypAmxQCgiPzi
IzGvmr/7jyxrzYSOOPp0jzk=
=my+F
-----END PGP SIGNATURE-----
_______________________________________________
Immunix-users mailing list
Immunix-usersmail.wirex.com
http://mail.wirex.com/mailman/listinfo/immunix-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]