From owner-freebsd-security Thu Jul 16 16:38:49 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id QAA17101 for freebsd-security-outgoing; Thu, 16 Jul 1998 16:38:49 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ady.warpnet.ro (ady.warpnet.ro [193.230.201.1]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA17088 for ; Thu, 16 Jul 1998 16:38:34 -0700 (PDT) (envelope-from ady@warpnet.ro) Received: from localhost (ady@localhost) by ady.warpnet.ro (8.8.8/8.8.8) with SMTP id CAA05925 for ; Fri, 17 Jul 1998 02:38:04 +0300 (EEST) (envelope-from ady@warpnet.ro) Date: Fri, 17 Jul 1998 02:38:04 +0300 (EEST) From: Adrian Penisoara Reply-To: Adrian Penisoara To: freebsd-security@FreeBSD.ORG Subject: Re: EMERGENCY: new remote root exploit in UW imapd In-Reply-To: <199807162206.AAA30072@basement.replay.com> Message-ID: MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="0-1242273055-900632284=:4014" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. --0-1242273055-900632284=:4014 Content-Type: TEXT/PLAIN; charset=US-ASCII Hi, On Fri, 17 Jul 1998, Anonymous wrote: > INTRODUCTION > > On July 10, 1998 a message was posted to the University of Washington Pine > mailing lists about a security problem in the UW imapd server released with > Pine 4.00, viewable at: > > http://www.washington.edu/pine/pine-info/1998.07/msg00062.html > > Out of curiosity, I decided to do some source code diffs to see what > changed between the patched and unpatched versions of imapd. Sure enough, > there was a *major* security hole. The message from the Pine developers > failed, however, to underscore the severity of the hole hence this security > advisory. > > The current port skeleton available at ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/mail/imap-uw is using a *vulnerable* source tarball ! I have submitted a patch today to update the port to use the latest source tarball on ftp.cac.washington.edu (grep the freebsd-ports mailing list for the "imap-uw security hole -- please update port" subject). Until then you can use the attached patch which will update the port in order to use the current source tarball. Adrian Penisoara Ady (@freebsd.ady.ro) --0-1242273055-900632284=:4014 Content-Type: APPLICATION/octet-stream; name="imap-uw-4.1f.diff.gz" Content-Transfer-Encoding: BASE64 Content-ID: Content-Description: imap-uw 4.1 FINAL port update H4sICOyLrjUCA2ltYXAtdXctNC4xZi5kaWZmAOVWa2/bNhT9LP+KWyRAt9SW rJctC/NQLZYNt7ET2NoaDAMCSqRiNnpNpOIEhfvbS0qxYxfOumEbMGCCHiTv k/cckTw7O4MZuiMxTYial/RWmeUZvKsyAAd00zUN17JAHwycVqfT2akq45IK rQT0PnQN19Bde9BonR1esg96W+9B3QM4gTlZQ5GXnEGUJwmJOBUR0yfHEOel q9AUFZ1q3Xol1H8hJZMaJfm9oiXBrmKpekg4qp2NECcQlUR8hEQZwDuUyUT6 tfTDKk/FqFIwLvv12OkUu7t5tO9BV3WzTl3r9rRuHwzT7equ4QDj5J6A/1DA 6ZOxyGc0XQZzb+YPmxxFKupPfuAJydX7yZ6gWktZKIzOvcCfXC6m/nKopIgm QnXmLQN/cbOcBnJwxXnhatp6vVbjkpCQYQHErfa5jq/Bb8JAUeJaR7zVCEXq GrEVzW55nqkEV5qMqIlQ/nWw8M6Dm+XP4+uhonJUqr/KtEFEnM4D8fiLXX5v t8EQflTLvIZXAGWDaHT+MaD+KyCNp3Pv4gWU/gxI/379j/44Ttuwt3+Od3Fx E3iLiR8MlZDFtde5M1QUWuQFVh2QjsW3qUFRkk5Y0QS7kj9vo1WaY+jbNpx+ +rB4v1ycbzRWRlrOMCm0KqMPGi7pvYDwZYX0DlV8xZoZnQBfUQZlJagQVWVJ Mp48AmXZaw4REnTBkJdQMYLbEJIIiRZQ/ppBlnNgVRzTiAob4HntjGaMCyv4 WDExtiKgIqhphjIMEhF11QaWw5oAW+VVgmWcrRHKHrnEAxAH0X/VcLnfNqwt mf9a7U4Oinfyf6veMSYag7a5Y6K4cd55sndFTzn9NJ0vA1nlkRd4m70qRJ0o kalqCQ23bZXlqqHqQutq4Y+n1xspbHWkm4vR+eV8PJ1soJN+JT8Ic7W4nCy8 2X6kGsLmfWhJHkj0bWtJhPpt/D1z85i5JKThtE2zIeSxCptO2zKaCktts9e2 zC19FeWQVntTVZ1oL16KMvk42jOf9/IWnN+I/eSIv132L/prZK03IO4iZ/wZ /jffxE3cKs2ipMIEfpBLntxV1PTux3rikqhMS7HdnD+Wgob1+aMHYom3u7uT hazKTlcJVlVzAOmB0a3VnD84gDR1FYv6yIbvDnbuZpX+HoZgDWzSj7GDY72L I9PpYtvu6whZ4YD0Yhw2q0oDydee6u3l2RUKQyeO+70Io16v69j9CBmWaDum 08eWEbe+AAP+ghN3CQAA --0-1242273055-900632284=:4014-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message