Re: Vulnerability in Majordomo

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Andreas Bogk: "Re: Active X exploit."
• Previous message: Aleph One: "CERT Summary CS-97.05"
• Maybe in reply to: Razvan Dragomirescu: "Vulnerability in Majordomo"
• Next in thread: Michael Warfield: "Re: Vulnerability in Majordomo"

> I have discovered a vulnerablility in "majordomo" that allows local and
> remote users to execute commands with the rights of the user running the
> server. This user is usually in the daemon group, so this can be quite
> harmful.

This should fix the problem in a fairly straightforward manner:

--- majordomo-pre-list-fix Tue Aug 26 14:11:07 1997
+++ majordomo Tue Aug 26 15:06:52 1997
@@ -1374,7 +1374,7 @@
if ($'config_opts{$list, 'advertise'} ne '') {
@array = split(/\001/,$'config_opts{$list,
'advertise'});
foreach $i (@array) {
- $command = "(q~$reply_addr~ =~ $i)";
+ $command = '($reply_addr'." =~ $i)";
$result = 1, last if (eval $command);
}
} else { $result = 1; }
@@ -1384,7 +1384,7 @@
@array = split(/\001/,$'config_opts{$list,
'noadvertise'});

foreach $i (@array) {
- $command = "(q~$reply_addr~ =~ $i)";
+ $command = '($reply_addr'." =~ $i)";
$result = 0, last if (eval $command);
}
}

--
 "Love the dolphins," she advised him. "Write by W.A.S.T.E.."

• Next message: Andreas Bogk: "Re: Active X exploit."
• Previous message: Aleph One: "CERT Summary CS-97.05"
• Maybe in reply to: Razvan Dragomirescu: "Vulnerability in Majordomo"
• Next in thread: Michael Warfield: "Re: Vulnerability in Majordomo"