[LIH] [SECURITY HOLE] mailx bug

Ravikant K.Rao Sun, 04 Jun 2000 07:40:15 -0700

This hole in mailx drops you into a shell with mail group access
privileges. You can read/write/delete emails of any other user on the
box.

        -> http://packetstorm.securify.com/0005-exploits/mailx.c <-

        Found to:

        a) work on stock slink,potato,woody boxes.
        b) /supposedly/ works on slackware
        c) NOT work on $distribution + secure-Linux [ Check with
Debian ]

        Moral of the story, get secure-Linux.

        http://openwall.com/Linux

        Cheers.

                                                                --ravi
-- 
Ravikant K.Rao : http://www.symonds.net/~ravi/
Primary Email  : <[EMAIL PROTECTED]> | PGP: 9544A4A1   GPG: 1024D/C2FC752D

-----------------------------------------------------------------------
The LIH mailing list archives are available at:
http://lists.linux-india.org/cgi-bin/wilma/linux-india-help

[LIH] [SECURITY HOLE] mailx bug

Reply via email to