Date:      Mon, 29 May 2000 16:14:03 +0200
From:      Peter van Dijk <petervd@vuurwerk.nl>
To:        freebsd-security@FreeBSD.ORG
Subject:   Re: QPOPPER: Remote gid mail exploit
Message-ID:  <20000529161403.H19887@vuurwerk.nl>
In-Reply-To: <20000525160410I.1001@eccosys.com>; from sen_ml@eccosys.com on Thu, May 25, 2000 at 04:04:10PM +0900
References:  <Pine.BSF.4.21.0005241633020.7700-100000@mercury.jorsm.com> <20000525160410I.1001@eccosys.com>

On Thu, May 25, 2000 at 04:04:10PM +0900, sen_ml@eccosys.com wrote:
[snip]
> > 
> > Here is the original advisory.  Note that the actual advisory is
> > correct WRT the file and line numbers.  The posts on Bugtraq indicate to
> > patch pop_msg.c instead of pop_uidl.c.
> 
> while patching and restarting a qpopper server locally, i started
> wondering...how much of a problem is this on a freebsd system where
> /var/mail or /var/spool/mail is not setgid mail?

As with the IMAP exploit, this will give people a shell, which they usually
didn't have beforehand, when they are just popusers.

Greetz, Peter.
-- 
petervd@vuurwerk.nl - Peter van Dijk [student:developer:madly in love]

