From owner-freebsd-security Mon Apr 17 20: 4:40 2000
Delivered-To: freebsd-security@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 3987237B91B; Mon, 17 Apr 2000 20:04:37 -0700 (PDT) (envelope-from kris@FreeBSD.org)
Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id UAA06278; Mon, 17 Apr 2000 20:04:37 -0700 (PDT) (envelope-from kris@FreeBSD.org)
X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs
Date: Mon, 17 Apr 2000 20:04:36 -0700 (PDT)
From: Kris Kennaway
To: "Michael S. Fischer"
Cc: security@FreeBSD.org
Subject: Re: Fw: Re: imapd4r1 v12.264
In-Reply-To: <00ae01bfa8d7$ad5188a0$7f00800a@corp.auctionwatch.com>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Mon, 17 Apr 2000, Michael S. Fischer wrote:

> Are you saying that remotely giving access to the user's account isn't bad
> enough? In my environment, certain users have sudo access...

No, I'm saying that in some (perhaps most) environments the user already has shell access to the machine, so it's not a risk (if my interpretation of the vulnerability is correct). If you have a machine which doesn't allow shell access, but serves users with imap, then they can exploit the vulnerability to gain shell access to the machine.

Note that you need to successfully log into an account on the imap server to exploit the problem, which means knowing the password.

Kris

----
In God we Trust -- all others must submit an X.509 certificate.
    -- Charles Forsythe