From owner-freebsd-ports  Thu Jul 16 09:22:37 1998
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id JAA04008
          for freebsd-ports-outgoing; Thu, 16 Jul 1998 09:22:37 -0700 (PDT)
          (envelope-from owner-freebsd-ports@FreeBSD.ORG)
Received: from mail.iserv.net (mail.iserv.net [204.177.184.19])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA03820
          for <freebsd-ports@FreeBSD.ORG>; Thu, 16 Jul 1998 09:21:59 -0700 (PDT)
          (envelope-from mbehrens@iserv.net)
Received: from iserv.net (wibble.iserv.net [206.114.47.48]) by mail.iserv.net (8.8.5/8.8.5) with ESMTP idi; Thu, 16 Jul 1998 12:22:30 -0400 (EDT)MAA17650; Thu, 16 Jul 1998 12:22:30 -0400 (EDT)
Message-ID: <35AE2842.302ACB17@iserv.net>
Date: Thu, 16 Jul 1998 12:20:18 -0400
From: matt <mbehrens@iserv.net>
X-Mailer: Mozilla 4.5b1 [en] (WinNT; I)
X-Accept-Language: en
MIME-Version: 1.0
To: Adrian Penisoara <ady@warpnet.ro>, Steve Price <sprice@hiwaay.net>
CC: FreeBSD ports <freebsd-ports@FreeBSD.ORG>
Subject: [Fwd: UW IMAP bug -- more information?]
Content-Type: multipart/mixed;
 boundary="------------FC48EAB6490EA2F5A9AA90CC"
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

This is a multi-part message in MIME format.
--------------FC48EAB6490EA2F5A9AA90CC
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Here's your information from Terry Gray.  root compromise... hmm is that
serious?  should I be worried? :)

Someone should also let freebsd-security know when it's done too, I
think :)  I volunteer.
--------------FC48EAB6490EA2F5A9AA90CC
Content-Type: message/rfc822
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Received: from mailhost1.u.washington.edu (mailhost1.u.washington.edu [140.142.32.2])
	by megaweapon.zigg.com (8.8.8/8.8.8) with ESMTP id MAA00306
	for <matt@megaweapon.zigg.com>; Thu, 16 Jul 1998 12:14:14 -0400 (EDT)
	(envelope-from gray@cac.washington.edu)
Received: from D-140-142-110-126.dhcp2.washington.edu (D-140-142-110-126.dhcp2.washington.edu [140.142.110.126])
          by mailhost1.u.washington.edu (8.8.4+UW97.07/8.8.4+UW98.06) with SMTP
	  id JAA15474; Thu, 16 Jul 1998 09:12:22 -0700
Date: Thu, 16 Jul 1998 09:14:55 -0700 (Pacific Daylight Time)
From: Terry Gray <gray@cac.washington.edu>
To: Matt Behrens <matt@megaweapon.zigg.com>
Subject: Re: UW IMAP bug -- more information?
In-Reply-To: <Pine.BSF.3.96.980716115816.29675D-100000@megaweapon.zigg.com>
Message-ID: <Pine.WNT.4.00.9807160910070.163-100000@tegdesk_ndc>
Organization: University of Washington;  Computing & Communications
X-X-Sender: gray@shivams.cac.washington.edu
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset = US-ASCII

Are you talking about the recent root-compromise bug?
My understanding is that it was a buffer overrun vulnerability in the code
that handles the IMAP AUTHENTICATE command.  I don't know whether anyone
has actually written an exploit for it (yet).  It affects all versions of
UW's IMAP 4.1 servers prior to last weekend.

It's fixed in the latest ftp.cac.washington.edu/mail/imap.tar.Z

-teg

On Thu, 16 Jul 1998, Matt Behrens wrote:

> Hi,
> 
> I'm conversing with two guys responsible for the UW IMAP package as it
> comes with FreeBSD.  Do you have any more information on this bug that
> we can test with?
> 
> Thanks.
> 
> Matt Behrens <matt@zigg.com>
> Founder and Chief Engineer, The OverNet Network
> I eat Penguins for breakfast.
> 
> 


--------------FC48EAB6490EA2F5A9AA90CC--


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message