Bugtraq mailing list archives

Re: Vulnerability in Majordomo


From: oxymoron () waste org (Oliver Xymoron)
Date: Tue, 26 Aug 1997 15:19:53 -0500


On Sun, 24 Aug 1997, Razvan Dragomirescu wrote:

I have discovered a vulnerability in "majordomo" that allows local and
remote users to execute commands with the rights of the user running the
server. This user is usually in the daemon group, so this can be quite
harmful.

This should fix the problem in a fairly straightforward manner:

--- majordomo-pre-list-fix      Tue Aug 26 14:11:07 1997
+++ majordomo   Tue Aug 26 15:06:52 1997
@@ -1374,7 +1374,7 @@
                if ($'config_opts{$list, 'advertise'} ne '') {
                   @array = split(/\001/,$'config_opts{$list,
'advertise'});
                   foreach $i (@array) {
-                     $command = "(q~$reply_addr~ =~ $i)";
+                     $command = '($reply_addr'." =~ $i)";
                      $result = 1, last if (eval $command);
                   }
                 } else { $result = 1; }
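
Review bot: $i is still interpolated into the string handed to eval on the changed line (the " =~ $i)" half is double-quoted), so every advertise pattern continues to be compiled as Perl code; only $reply_addr has been taken out of the evaluated text. If the list config can be written by anyone less trusted than the user running majordomo, that is the same class of problem arriving through a different input. Consider checking that $i has the expected /regex/ form before building $command, or doing the match without a string eval. A short comment on why the first half is single-quoted would also keep a later cleanup from turning it back into an interpolating string.
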
@@ -1384,7 +1384,7 @@
                   @array = split(/\001/,$'config_opts{$list,
'noadvertise'});

                   foreach $i (@array) {
-                     $command = "(q~$reply_addr~ =~ $i)";
+                     $command = '($reply_addr'." =~ $i)";
                      $result = 0, last if (eval $command);
                    }
                }
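
Review bot: the eval result in the noadvertise loop is used without looking at $@, so a pattern that fails to compile makes eval return undef and the loop leaves $result unchanged, with nothing reported. For an exclusion list that is fail-open behaviour; suggest checking $@ after the eval and logging the error or treating the failure as a match. The changed line is also identical to the one in the advertise hunk, so a shared helper used by both loops would keep the two from diverging.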

--
 "Love the dolphins," she advised him. "Write by W.A.S.T.E.."


