Bugtraq mailing list archives

Re: SUMMARY: AntiFlash talkd

From: marekm () i17linuxb ists pwr wroc pl (Marek Michalkiewicz)
Date: Tue, 25 Apr 1995 13:40:29 +0200 (MET DST)

Shortly after I sent my request to bugtraq, I got an idea to look around
on my local Linux mirror and found "talkd+antiflash+hatemail.tar.gz"
which basicly filters out flashes and then sends automatic 'hatemail' to
root () remote site


Be careful - the hatemail feature has a security hole.  Apply this patch:

--- process.c.orig      Mon Jan 16 06:07:52 1995
+++ process.c   Tue Apr 25 13:04:58 1995
@@ -167,8 +167,10 @@
              char sys_buf[150];
              caller_host=hp->h_name;
 
+#if 0  /* security problem */
              sprintf(sys_buf,"/etc/flash.mail %s",caller_host);
              system(sys_buf);
+#endif
           }
           else
             caller_host="unknown";

You can see two problems here: sprintf() and system().  Guess what happens
if the DNS name is too long or contains some command in back quotes...

However, I ran into problems compiling it on our HP9000's, Linux
apparently has a '<protocols/talkd.h>' in it's system includes.


Yes, it has.  Mail me if you need a copy.

Regards,
-- Marek Michalkiewicz <marekm () i17linuxa ists pwr wroc pl>

Current thread:

Re: sniffers, (continued)
- - - Re: sniffers Asriel DeCatte (Apr 30)
    - Re: sniffers Asriel DeCatte (Apr 30)
    - Re: sniffers Jas (Apr 30)
    - Re: sniffers Asriel DeCatte (Apr 30)
    - Re: sniffers Jonathan M. Bresler (Apr 30)
    - Re[2]: sniffers Nayfield, Rod (Apr 30)
- SUMMARY: AntiFlash talkd Richard Allen (Apr 24)
  - Re: SUMMARY: AntiFlash talkd Aleph One (Apr 24)
  - Re: SUMMARY: AntiFlash talkd Gary Anderson (Apr 24)
  - The Dan Farmer rap - authors note Julian Assange (Apr 24)
  - Re: SUMMARY: AntiFlash talkd Marek Michalkiewicz (Apr 25)
- Good Times Nayfield, Rod (Apr 24)
- Re: Kerberos availability (Re: NIS) Roger Bolton (Apr 21)