Bugtraq mailing list archives

security problem w/ smail

From: jwa () pine cse nau edu (james w abendschan)
Date: Tue, 27 Sep 1994 10:26:28 -0700


I've discovered a bug in smail 3.1.28.1 -- it allows any local user
to read any file.  A quick way to fix this is to put -smtp_debug
in your smail config.

I'll post an exploit script after a couple of days -- enough time 
hopefully for people to take some action.

I've also tried to contact the makers of smail, but the only address
I have [smail-bugs () veritas com] bounces.  Anyone who has a more
accurate address, please mail me with it.

FYI, many linux distributions ship with smail 3.1.28.1.

James


-- 
James Abendschan         jwa () pine cse nau edu         change for the machines

Current thread:

Re: Security Info (root broken), (continued)
- - - Re: Security Info (root broken) Pug (Sep 29)
    - Re: Security Info (root broken) Casper Dik (Sep 29)
    - Re: Security Info (root broken) Timothy Newsham (Sep 29)
    - Old sendmail bugs Michael Neuman (Sep 29)
    - Re: Security Info (root broken) Karl Strickland (Sep 29)
    - Re: Security Info (root broken) Christopher Klaus (Sep 29)
    - Re: Security Info (root broken) Pug (Sep 29)
    - Re: Security Info (root broken) Pug (Sep 29)
    - Re: Security Info (root broken) Neil Woods (Sep 29)
    - IBM AIX rlogin fix jim () Tadpole COM (Sep 28)
    - security problem w/ smail james w abendschan (Sep 27)
- Re: setuid scripts in SunOS 4.1.x *Hobbit* (Sep 25)