[4196] in bugtraq
Re: New Sendmail bug
daemon@ATHENA.MIT.EDU (Jeffrey Moyer)
Mon Mar 24 11:55:58 1997
Date: Mon, 24 Mar 1997 08:44:07 -0500
Reply-To: Jeffrey Moyer <phro@SEGFAULT.RES.WPI.EDU>
From: Jeffrey Moyer <phro@SEGFAULT.RES.WPI.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <199703220730.CAA13054@netspace.org>
On Sat, 22 Mar 1997 C0WZ1LL4@NETSPACE.ORG wrote:
> Hello fellow mongoloids
> Try this:
> Make hard link of /etc/passwd to /var/tmp/dead.letter
> Telnet to port 25, send mail from some bad email address to some unreachable host.
> Watch your message get appended to passwd.
> ie:
> cowzilla::0:0:c0wz1ll4 0wns u:/:/bin/sh
Okay, here is a very very simple kluge to temporarily fix it. Create a
file /var/tmp/dead.letter with chmod 0644 perms. That way no one can make
the hard link to /etc/passwd, b/c the file /var/tmp/dead.letter already
exists.
-phro
=====================================================================
phro@wpi.edu Jeffrey Moyer
network operations
net-ops@wpi.edu
Linux - The Choice of a GNU Generation
http://segfault.res.wpi.edu/~phro
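
A defender-side audit for the condition discussed in this thread, as an added example that is not part of the original post or of sendmail: it reports whether a dead.letter path is missing, is a symlink, or shares an inode with a protected file. The function name `check_dead_letter` and its return codes are assumptions made for this example; the paths in the usage comment are the ones named in the thread.

```shell
#!/bin/sh
# Audit a dead.letter path for the hard-link condition described in the thread.
# Return codes (chosen for this example, not from any tool):
#   0 = regular file, link count 1, not the same inode as a protected file
#   1 = path does not exist (no placeholder file in place)
#   2 = path is a symlink or not a regular file
#   3 = path shares an inode with a protected file, or has extra hard links
#
# Usage: check_dead_letter /var/tmp/dead.letter /etc/passwd

check_dead_letter() {
    target=$1
    shift

    # Test for a symlink first: -e follows links, -L does not.
    if [ -L "$target" ]; then
        echo "$target: is a symlink" >&2
        return 2
    fi
    if [ ! -e "$target" ]; then
        echo "$target: missing, placeholder not in place" >&2
        return 1
    fi
    if [ ! -f "$target" ]; then
        echo "$target: not a regular file" >&2
        return 2
    fi

    # -ef is true when both names refer to the same device and inode.
    for protected in "$@"; do
        if [ "$target" -ef "$protected" ]; then
            echo "$target: same inode as $protected" >&2
            return 3
        fi
    done

    # Field 2 of 'ls -ld' is the hard-link count; a placeholder should have 1.
    links=$(ls -ld -- "$target" | awk '{print $2}')
    if [ "$links" -gt 1 ]; then
        echo "$target: link count is $links" >&2
        return 3
    fi
    return 0
}
```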