Bugtraq mailing list archives

Re: /usr/bin/Mail exploit for Slackware 7.0 (mail-slack.c)


From: christopher () SCHULTE ORG (Christopher Schulte)
Date: Sun, 4 Jun 2000 05:09:23 -0500


At 07:53 PM 6/2/00 -0300, you wrote:
/*
 * mail-slak.c (C) 2000 Paulo Ribeiro <prrar () nitnet com br>
 *
 * Exploit for /usr/bin/Mail.
 * Made specially for Slackware Linux 7.0.

Sifting through the changelogs and package logs, it looks like mailx was
upgraded from 8.1.1-9 to 8.1.1-10 on August 20, 1999.  This was after both
the 3 and 4 series of Slackware were released.  Both Slack 3.6.0 and 4.0.0
appear to use the same mailx binary (neither of which is susceptible to this).

Slack 7.x however, is.....

One possible solution (I did not test this!) is to download a
non-susceptible version package, such as:

ftp://ftp.slackware.com/pub/slackware/slackware-4.0/slakware/n1/mailx.tgz

Back up binary and config files, of course.  You can uncompress the .tgz and
see exactly what files will be overwritten; it may suffice to just cp the
binary file itself.


--
Christopher Schulte | christopher () schulte org
cell:612.986.4859   | home:651.225.4557 | fax: 651.315.3339
page:612.264.1115   | free:877.271.9245 | site: schulte.org

COMING SOON http://SchulteConsulting.COM/
reliable computer consulting at a fair price.
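
The pre-check suggested in the message above (see which files the package would overwrite, and back them up first), written out as an added example that is not part of the original post. The function names, the scratch directory and the backup layout are assumptions; the package path is whichever .tgz was downloaded.

```shell
#!/bin/sh
# Added example, not from the original post. Function names, the scratch
# directory and the backup layout are assumptions for illustration.

# list_overwrites PKG [ROOT]: print package members that already exist under ROOT.
list_overwrites() {
    lo_root=${2:-/}; lo_root=${lo_root%/}
    tar -tzf "$1" | while IFS= read -r m; do
        m=${m#./}
        case $m in
            ''|*/|install/*) continue ;;   # skip directories and install scripts
        esac
        if [ -e "$lo_root/$m" ]; then printf '%s\n' "$m"; fi
    done
}

# changed_files PKG [ROOT]: of those, print only the files whose content differs
# from the installed copy (the package is unpacked into a scratch directory).
changed_files() {
    cf_root=${2:-/}; cf_root=${cf_root%/}
    cf_tmp=$(mktemp -d) || return 1
    tar -xzf "$1" -C "$cf_tmp" || { rm -rf "$cf_tmp"; return 1; }
    list_overwrites "$1" "$2" | while IFS= read -r m; do
        if ! cmp -s "$cf_tmp/$m" "$cf_root/$m"; then printf '%s\n' "$m"; fi
    done
    rm -rf "$cf_tmp"
}

# backup_overwrites PKG ROOT DEST: copy every file that would be replaced into DEST,
# keeping the directory structure and timestamps.
backup_overwrites() {
    bo_root=${2%/}
    list_overwrites "$1" "$2" | while IFS= read -r m; do
        mkdir -p "$3/$(dirname "$m")" && cp -p "$bo_root/$m" "$3/$m"
    done
}
```

Run `changed_files` first to see what would actually change, then `backup_overwrites` into a directory outside the package's paths before installing.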


