[16408] in bugtraq
Re: Advisory: mgetty local compromise
daemon@ATHENA.MIT.EDU (Gert Doering)
Sat Aug 26 16:26:20 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID: <20000826120951.A18596@greenie.muc.de>
Date: Sat, 26 Aug 2000 12:09:51 +0200
Reply-To: Gert Doering <gert@GREENIE.MUC.DE>
From: Gert Doering <gert@GREENIE.MUC.DE>
X-To: Stan Bubrouski <satan@FASTDIAL.NET>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20000826110209.A17587@greenie.muc.de>; from Gert Doering on Sat,
Aug 26, 2000 at 11:02:09AM +0200
Hi,
sorry to followup on myself, but...:
On Sat, Aug 26, 2000 at 11:02:09AM +0200, Gert Doering wrote:
> Vendor releases might still be vulnerable (shipping old versions), but as
> faxrunqd(8) isn't usually run by default, a "standard system" should NOT
> be vulnerable. *If* you run faxrunqd, though, upgrade to 1.1.22 (but
> those of you that do, you know who you are...)
... this is crap. faxrunq(8) had the same bug as faxrunqd(8) here (which
the original "advisory" didn't mention). It has also been fixed in
1.1.22.
So, let me rephrase this: IF you are using the "sendfax" part of
mgetty+sendfax AND you have possibly-malicious users on your system,
then you should urgently upgrade to 1.1.22 (which should be a matter
of "make; make install").
If all your users are trustworthy, you don't have a problem, as this can't
be remotely exploited.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert@greenie.muc.de
fax: +49-89-35655025 gert.doering@physik.tu-muenchen.de
