Re: L0pht Advisory: IMAP4rev1 imapd server

Casper Dik (casper@HOLLAND.SUN.COM)
Thu, 09 Oct 1997 10:12:38 +0200

>On Wed, 8 Oct 1997, We got Food - Fuel - Ice-cold Beer - and X.509 certificates wrote:
>
>> Scenario:
>>
>> It is possible to crash the imapd server in several possible places.
>> Due to the lack of handling for the SIGABRT signal and the nature
>> of the IMAP protocol in storing folders locally on the server, a core dump
>> is produced in the user's current directory. This core dump contains the
>> password and shadow password files from the system.
>
>It should be noted that this only works on systems that allow a
>process that has changed UIDs since the last exec to core dump.
>
>Some, such as FreeBSD (and OpenBSD I would guess, and a dozen
>others), don't for exactly this reason. The same thing came
>up with ftpd a while back.

This was also changed on Solaris 2.6 and may be patched for some
older releases.

Casper