[403] in linux-security and linux-alert archive
(fwd) [Linux-ISP] U R G E N T!!!! S E C U R I T Y A L E R T!!!!!!! READ NOW!!
daemon@ATHENA.MIT.EDU (Panzer Boy)
Wed Oct 4 13:17:33 1995
Date: Wed, 4 Oct 1995 11:28:04 -0400
From: Panzer Boy <panzer@dhp.com>
To: linux-security@tarsier.cv.nrao.edu
Has anyone poked into this yet? I just gleaned it off of the Linux ISP
list. I am running pop from the pine imap code (w/ shadow changes) and
wasn't able to verify this problem, though I don't usually run bins I
glean from sunsite, et al.
pine3.91 imap/pop shadow patches can be grabbed from:
ftp.dhp.com:/pub/linux/security/pine.shadow
--
-Matt (panzer@dhp.com) DI-1-9026
"That which can never be enforced should not be prohibited."
Path: news.dhp.com!news.dhp.com!not-for-mail
From: System Administrator <root@maz.mlx.net>
Newsgroups: mail.linux-isp
Subject: [Linux-ISP] U R G E N T!!!! S E C U R I T Y A L E R T!!!!!!! READ NOW!!
Date: 1 Oct 1995 19:19:35 -0400
Message-ID: <Pine.LNX.3.91.951001154303.27369A-100000@maz.mlx.net>
To: linuxisp@lightning.com
I have recently discovered a security flaw in pop3d Version 1.004 with
shadow password support. (Not sure about the version without shadow
support, but you might want to check). I discovered that after changing
to shadow support and compiling and testing all of my programs (i.e.
ftpd, pop3d, login, etc) that the pop3d allowed me to view anyone's mail on
my system, no matter what password I put in. Thinking that it was maybe
something I had wrong I telneted to the pop3 port on a few of the shadow
linux systems I knew about. EVERY System I tried that was running 1.004
allowed me to read anyone on that system's mail. I have looked at the
code and have narrowed it down to the util.c file, but am in no way a
very good C programmer. I am putting out this notice to warn everyone and
to hope that someone will come up with a fix very quickly. And since my
newsfeed is down for the weekend would someone please post this on the
newsgroups and anywhere else you might think it will get distributed the
fastest. Thanks.
/---------------------------------------------------------------------------\
| John Maslanik |\/| | \ / Voice: (619) 449-6282 |
| MLXnet Admin | | |__ / \ Data/Fax: (619) 449-6274 |
\---------------------------------------------------------------------------/
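
The symptom reported above (pop3d answering +OK to any password) can be checked on a POP3 server you administer with the script below. It is an added example, not part of the original messages or of pop3d; the function name, host and account name are assumptions.

```python
import secrets
import socket
import sys


def _read_line(stream):
    """Read one CRLF-terminated POP3 reply line and return it as text."""
    line = stream.readline(512)
    if not line:
        raise ConnectionError("server closed the connection")
    return line.decode("ascii", "replace").rstrip("\r\n")


def accepts_wrong_password(host, user, port=110, timeout=10.0):
    """Return True if the server answers +OK to a random password for `user`.

    True means the daemon is not verifying passwords, which is the behaviour
    the alert describes. False means the login was refused, as it should be.
    """
    # Random value, so it cannot coincide with the account's real password.
    bogus = secrets.token_hex(16)
    with socket.create_connection((host, port), timeout=timeout) as sock:
        stream = sock.makefile("rwb")
        greeting = _read_line(stream)
        if not greeting.startswith("+OK"):
            raise ConnectionError(f"unexpected greeting: {greeting!r}")
        stream.write(f"USER {user}\r\n".encode("ascii"))
        stream.flush()
        if not _read_line(stream).startswith("+OK"):
            return False  # user name refused outright; nothing was accepted
        stream.write(f"PASS {bogus}\r\n".encode("ascii"))
        stream.flush()
        verdict = _read_line(stream)
        # End the session politely without touching the maildrop.
        stream.write(b"QUIT\r\n")
        stream.flush()
        return verdict.startswith("+OK")


if __name__ == "__main__":
    # Usage: python3 pop3_check.py <your-pop3-host> <existing-account>
    host, user = sys.argv[1], sys.argv[2]
    if accepts_wrong_password(host, user):
        print(f"{host}: accepted a random password for {user}, pop3d needs fixing")
        sys.exit(1)
    print(f"{host}: random password for {user} was rejected")
```

The script only issues USER, PASS and QUIT, so no mail is read or deleted even when the login is wrongly accepted.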