Bugtraq mailing list archives

Re: majordomo local exploit

From: christopher () SCHULTE ORG (Christopher Schulte)
Date: Wed, 29 Dec 1999 00:54:35 -0600


At 08:47 PM 12/28/1999 -0600, Brock Tellier wrote:

I've only tested the version of majordomo which comes with UnixWare
7.1 which is 1.94.4.  This vulnerability may or not still be present
in newer versions of majordomo, but it exists on the default UW7.1
installation.


Confirmed with *stock* download of 1.94.4 source (according to
http://www.greatcircle.com/majordomo/, this is the current version) from
main distro site.

--
Christopher Schulte
christopher () schulte org
http://www.schulte.org/

Current thread:

Local / Remote Remote DoS Attack in Rover POP3 Server V1.1 NT From aVirt Ussr Labs (Dec 27)
- Remote DoS/Access Attack in Internet Anywhere Mail Server(POP 3) v2.3.1 Steven Alexander (Dec 27)
- Trend Micro InterScan VirusWall SMTP bug asl () USA ALCATEL COM (Dec 27)
- L0pht Advisory: initscripts-4.48-1 RedHat Linux 6.1 Mudge (Dec 27)
- UnixWare local pis exploit Brock Tellier (Dec 27)
- Third Party Software Affected by IIS "Escape Character Parsing" V ulnerability Microsoft Product Security Response Team (Dec 28)
- majordomo local exploit Brock Tellier (Dec 28)
  - $cf Security flaw Shevek (Dec 02)
  - Re: majordomo local exploit Christopher Schulte (Dec 28)
  - Re: majordomo local exploit Todd C. Miller (Dec 28)
    - AltaVista rudi carell (Dec 29)
    - Re: majordomo local exploit Taneli Huuskonen (Dec 29)
    - Re: majordomo local exploit Coolio (Dec 29)
    - Re: majordomo local exploit Henrik Edlund (Dec 29)
    - bna,sh Loneguard (Dec 30)
    - Re: majordomo local exploit Andrew Brown (Dec 30)
    - Re: majordomo local exploit Henrik Nordstrom (Dec 30)
    - Fix for HP-UX automountd/autofs exploit (fwd) Doug Siebert (Dec 30)
    - Re: Fix for HP-UX automountd/autofs exploit (fwd) LaMont Jones (Dec 31)

(Thread continues...)