[16828] in bugtraq


Re: Horde library Bug part 2

daemon@ATHENA.MIT.EDU (John Riddoch)
Tue Sep 19 15:23:47 2000

Mime-Version: 1.0
Content-Type: TEXT/plain; charset=us-ascii
Content-Md5: ew2abf+S+SBN64aoZNuxwg==
Message-Id:  <20000919161324.CA7C71EE88@lists.securityfocus.com>
Date:         Tue, 19 Sep 2000 17:13:51 +0100
Reply-To: John Riddoch <jr@scms.rgu.ac.uk>
From: John Riddoch <jr@SCMS.RGU.AC.UK>
X-To:         Jens.Steube@COC-AG.DE
To: BUGTRAQ@SECURITYFOCUS.COM

>Fix:            Best solution would be generally not to pass vars to
>                popen(), but rather opening the pipe to Sendmail by calling
>                popen("$default->path_to_Sendmail -t)
>                and putting all available information into the mail header.
>                This requires some extra checking and converting, but
>                secures the system a lot.

There's an update available which should be a more complete fix; from
http://horde.org/imp :

The Horde team announces the availability of IMP 2.2.2 -- this version is
"part 2" to a security vulnerability present in 2.2.0 (and earlier "pre"
releases) that was only partially fixed in 2.2.1. Users of IMP 2.2 on
production systems are STRONGLY ENCOURAGED to upgrade.


--
John Riddoch	Email: jr@scms.rgu.ac.uk	Telephone: (01224)262721
http://www.scms.rgu.ac.uk/staff/jr/
Theists think all gods but theirs are false.  Atheists simply don't make
an exception for the last one.
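The fix that the quoted advisory recommends (a fixed `sendmail -t` command line, with all caller-supplied data moved into validated mail headers), worked out as an added Python example. This is not Horde or IMP code (IMP is written in PHP); the sendmail path, the address syntax accepted, and the helper names are assumptions made for the example.

```python
import re
import subprocess
from email.message import EmailMessage

# Assumed location of the MTA binary, standing in for the advisory's
# $default->path_to_Sendmail configuration value.
SENDMAIL_PATH = "/usr/sbin/sendmail"

# Deliberately conservative address syntax: letters, digits and a few
# punctuation characters only, so no whitespace, CR/LF or shell metacharacters
# can ever reach a header or a command line.
_ADDR_RE = re.compile(r"[A-Za-z0-9._%+\-]+@[A-Za-z0-9.\-]+\.[A-Za-z]{2,}")


class UnsafeHeaderValue(ValueError):
    """Raised when a caller-supplied value could inject extra headers."""


def check_address(addr: str) -> str:
    # fullmatch(), not match(): with match() a trailing "$" anchor would still
    # accept a value that ends in "\n", which is exactly the injection case.
    if not _ADDR_RE.fullmatch(addr):
        raise UnsafeHeaderValue(f"rejecting address {addr!r}")
    return addr


def check_header_text(value: str) -> str:
    # Header injection relies on an embedded line break; refuse it outright
    # rather than trying to "clean" the value.
    if "\r" in value or "\n" in value:
        raise UnsafeHeaderValue("header value contains a line break")
    return value


def build_message(sender: str, recipients: list, subject: str, body: str) -> bytes:
    """Assemble an RFC 5322 message; every header value is validated first."""
    msg = EmailMessage()
    msg["From"] = check_address(sender)
    msg["To"] = ", ".join(check_address(r) for r in recipients)
    msg["Subject"] = check_header_text(subject)
    msg.set_content(body)
    return bytes(msg)


def send_with_sendmail(message: bytes, sendmail_path: str = SENDMAIL_PATH) -> int:
    """Hand the finished message to sendmail; returns the MTA's exit status."""
    # The command line is a fixed argv list run without a shell: the pattern
    # the advisory warns about, popen() with variables interpolated into the
    # command string, has no counterpart here. "-t" makes sendmail read the
    # envelope recipients from the To/Cc/Bcc headers we just validated; "-i"
    # stops a lone "." line in the body from ending the message early.
    proc = subprocess.run([sendmail_path, "-t", "-i"], input=message, check=False)
    return proc.returncode


if __name__ == "__main__":
    # Constructed sample input; the second call shows a header-injection
    # attempt being rejected before anything reaches the MTA.
    raw = build_message("alice@example.com", ["bob@example.com"], "Hello", "hi\n")
    print(raw.decode())
    try:
        build_message("alice@example.com", ["bob@example.com\nBcc: eve@example.com"], "x", "y")
    except UnsafeHeaderValue as exc:
        print("rejected:", exc)
```

The point of the split between `build_message` and `send_with_sendmail` is that the only thing crossing into the process boundary is the message body on stdin; nothing derived from the request ever becomes part of the command line.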
