Date: Wed, 19 May 1999 22:22:02 -0600 (MDT) From: Paul Hart <hart@iserver.com> To: "Andrew G. Russell" <arussell@tyr.agrknives.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: attack or failure Message-ID: <Pine.BSF.3.96.990519221004.15485B-100000@anchovy.orem.iserver.com> In-Reply-To: <199905200403.XAA16431@tyr.agrknives.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 19 May 1999, Andrew G. Russell wrote: > This system will be upgraded to 2.2.8, but I sure would like some clue as > to how it happened. Were you running a POP or IMAP server? If so, what version? There are well-known and quite easily exploited holes in the University of Washington IMAP2bis and IMAP4 servers and the Qualcomm POP server, and exploits are publically available and in widespread use. Each exploit gives a remote attacker an instant root shell on your system. You mention using sendmail 8.8.4, which I also recall had an exploitable buffer overflow in the MIME decoding code, which in theory could also be possible avenue of remote attack, though I am not aware of any public exploits for this hole. Now if the attack could have been initiated locally by a user with shell access on your system, there are many other known holes in versions of FreeBSD as old as 2.1.5, such as the suidperl buffer overflow, the rdist buffer overflow, the procfs hole, or the lpr buffer overflow, to name a few. Paul Hart -- Paul Robert Hart ><8> ><8> ><8> Verio Web Hosting, Inc. hart@iserver.com ><8> ><8> ><8> http://www.iserver.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990519221004.15485B-100000>