Greetings, I wish to clear up a bit of a misunderstanding regarding a wierd email that some of you recieved. If you were affected, you recieved an email with no subject containing text along the lines of: --- Your ueber-secret password on 0wned.com is fD83#2a Brock Tellier Unix Systems Administrator Chicago, IL, usa btellierat_private --- I'll admit, it's an odd thing to recieve, but let me explain. Those of you who got the correct bugtraq post from me recieved "UnixWare read/modify users' mail", a post which detailed how any user could read other people's mail under UW7.1. In it, I set up a typical scenario where this would happen, including copy/pasteing an example email that might have been intercepted. I pasted this message, along with all the mail headers, into my advisory. The result of this is that some of your broken email programs interpereted this as TWO SEPERATE MESSAGES. It was actually only ONE message which contained the message headers in the body of the message. As Aleph One explained it to me: It did not get screwed. It seems to be the result of broken MUA's that can't even properly read a mbox formated file correctly. They seem to be confused by the message. Using any decent MUA the message is displayed just fine. All this being said, please understand that I didn't send out a real password to 0wned.com (I wonder how many ssh connections that server got using root:fd*3la@A as their login/pass) and I do not have any affiliation with this server. Brock Tellier UNIX Systems Administrator Chicago, IL, USA btellierat_private ____________________________________________________________________ Get free email and a permanent address at http://www.netaddress.com/?N=1
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:17:04 PDT