Bugtraq mailing list archives
Re: majordomo local exploit
From: chris () WESTNET COM (Christopher X. Candreva)
Date: Wed, 29 Dec 1999 09:52:33 -0500
On Tue, 28 Dec 1999, Brock Tellier wrote:
> but wrapper immediately setuid()'s and setgid()'s to owner:daemon before execing the wrapped program.
Bugs in resend aside, this appears to be an incorrect configuration of wrapper. majordomo should have its own group as well as user, and it should change to that group, not daemon. This is according to Doc/FAQ in the Majordomo 1.94.4 distribution.

The whole point of the wrapper and unique uid/gid is to limit the effect of such bugs.

-Chris

==========================================================
Chris Candreva -- chris () westnet com -- (914) 967-7816
WestNet Internet Services of Westchester
http://www.westnet.com/
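As an added illustration of the point made in the message above (not part of the original post or of the Majordomo distribution): a small Python check that lists which other accounts hold the group a setuid wrapper switches to. The function name and the passwd/group entries are constructed for this example.

```python
# Constructed sample account databases (not taken from any real host).
PASSWD = """\
root:x:0:0:root:/root:/bin/sh
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
uucp:x:10:1:uucp:/var/spool/uucp:/usr/sbin/nologin
majordomo:x:91:91:Majordomo:/usr/local/majordomo:/usr/sbin/nologin
"""
GROUP = """\
root:x:0:
daemon:x:1:lp
lp:x:7:
majordomo:x:91:
"""


def parse(text):
    """Split colon-separated passwd/group lines, skipping blanks and comments."""
    return [l.split(":") for l in text.splitlines() if l and not l.startswith("#")]


def other_accounts_in_group(passwd_text, group_text, user, group):
    """Return accounts other than `user` that hold `group`, either as their
    primary gid in passwd or as a listed member in group. An empty list
    means the group is dedicated to `user`."""
    entry = next((g for g in parse(group_text) if g[0] == group), None)
    if entry is None:
        raise KeyError(f"group {group!r} not found")
    gid = entry[2]
    # Supplementary members listed in the group file.
    members = {m for m in entry[3].split(",") if m}
    # Accounts whose primary gid in passwd is this group.
    members |= {p[0] for p in parse(passwd_text) if p[3] == gid}
    members.discard(user)
    return sorted(members)


if __name__ == "__main__":
    # Compare the configuration discussed in the thread with a dedicated group.
    for grp in ("daemon", "majordomo"):
        others = other_accounts_in_group(PASSWD, GROUP, "majordomo", grp)
        verdict = "dedicated" if not others else "shared with " + ", ".join(others)
        print(f"wrapper target majordomo:{grp} -> {verdict}")
```

The check covers account membership only; files and directories owned by or writable to the group would need a separate filesystem audit.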