[2271] in bugtraq
Re: INN1.4sec on Linux
daemon@ATHENA.MIT.EDU (Dave Barr)
Thu Sep 28 13:21:25 1995
Date: Mon, 25 Sep 1995 13:48:04 -0400
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: Dave Barr <barr@math.psu.edu>
X-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
In-Reply-To: Your message of "Mon, 18 Sep 1995 13:05:25 +0200." <m0sue0r-00005AC@monad.swb.de>

In message <m0sue0r-00005AC@monad.swb.de>, Olaf Kirch writes:
>there's a problem with INN1.4sec as distributed on sunsite and probably
>a number of Linux distributions. Control messages are parsed by shell
>scripts, which (at least for some shells) allow remote users to execute
>arbitrary commands on your news host.

It should be noted that my INN 1.4unoff2 release includes a fix for
this. As far as I know, it fixes the problem.

It doesn't include a fix for rnews, however. I think rnews itself
should clear the environment itself and set the PATH.

--Dave
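
The hardening suggested in the message above (clear the environment and set the PATH before anything hands off to a shell script), sketched in C as an added example; it is not code from the original message or from INN. The names `scrub_environment` and `SAFE_PATH`, the PATH value, and the decision to let a plain `TZ` through are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

extern char **environ;

#define SAFE_PATH "/usr/bin:/bin"   /* assumed value; a site would fix this at build time */

/* Accept only zone-name style values such as "UTC" or "Europe/Berlin". */
static int tz_is_plain(const char *v)
{
    if (*v == '\0' || *v == '/' || strlen(v) > 64 || strstr(v, ".."))
        return 0;                   /* empty, absolute path, oversized or traversal */
    for (; *v; v++)
        if (!isalnum((unsigned char)*v) && !strchr("/_+-", *v))
            return 0;               /* anything else is dropped, not escaped */
    return 1;
}

/* Replace the inherited environment with a minimal, known one.
 * Returns 0 on success, -1 if memory or setenv() fails. */
int scrub_environment(void)
{
    static char *empty[] = { NULL };
    const char *tz = getenv("TZ");
    char *saved_tz = NULL;
    int rc;

    if (tz && tz_is_plain(tz) && !(saved_tz = strdup(tz)))
        return -1;
    environ = empty;                /* drops PATH, IFS, ENV, LD_* and everything else */
    rc = setenv("PATH", SAFE_PATH, 1);
    if (rc == 0 && saved_tz)
        rc = setenv("TZ", saved_tz, 1);
    free(saved_tz);
    return rc == 0 ? 0 : -1;
}

int main(void)
{
    if (scrub_environment() != 0)
        return 1;                   /* refuse to continue with an unknown environment */
    for (char **e = environ; *e; e++)
        puts(*e);                   /* what a child script would now inherit */
    return 0;
}
```

The call belongs at the very start of the program, before any `system()`, `popen()` or `exec*()` that could reach a shell.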