Re: majordomo local exploit

From: Todd C. Miller (Todd.Millerat_private)
Date: Tue Dec 28 1999 - 23:03:01 PST

Next message: Christopher Schulte: "Re: majordomo local exploit"

Previous message: Ben Greenbaum: "Re: Remote DoS/Access Attack in Internet Anywhere Mail Server(POP"
Maybe in reply to: Brock Tellier: "majordomo local exploit"
Next in thread: Christopher Schulte: "Re: majordomo local exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

For those using perl 5.x, you can use sysopen() instead of the "magic"
perl open() to fix this.

 - todd

--- resend	Thu Aug 19 10:12:03 1999
+++ resend+	Tue Dec 28 23:55:39 1999
@@ -58,7 +58,7 @@
 if ($ARGV[0] =~ /^\@/) {
     $fn = shift(@ARGV);
     $fn =~ s/^@//;
-    open(AV, $fn) || die("open(AV, \"$fn\"): $!\nStopped");
+    sysopen(AV, $fn, O_RDONLY) || die("sysopen(AV, \"$fn\", O_RDONLY): $!\nStopped");
     undef($/);	# set input field separator
     $av = <AV>;	# read whole file into string
     close(AV);

Next message: Christopher Schulte: "Re: majordomo local exploit"
Previous message: Ben Greenbaum: "Re: Remote DoS/Access Attack in Internet Anywhere Mail Server(POP"
Maybe in reply to: Brock Tellier: "majordomo local exploit"
Next in thread: Christopher Schulte: "Re: majordomo local exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:24:05 PDT