Re: Solaris /usr/bin/mailx exploit (SPARC)

From: Tobias J. Kreidl (Tobias.Kreidlat_private)
Date: Tue May 15 2001 - 14:47:02 PDT

Next message: e-Security Chap: "[RE: NSFOCUS SA2001-02 : Microsoft IIS CGI Filename Decode Error V ulnerability]"

Previous message: d0gman !: "RE: Microsoft IIS CGI Filename Decode Error Vulnerability"
Maybe in reply to: Pablo Sor: "Solaris /usr/bin/mailx exploit (SPARC)"
Reply: Greg A. Woods: "Re: Solaris /usr/bin/mailx exploit (SPARC)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andrew Hilborne <andrew.hilborneat_private> wrote on
Tue, 15 May 2001 14:15:45 +0100:

> Just how do you force 0600 on mailboxes which don't exist (many MUAs
> remove empty mailboxes?)
>
> Since you cannot easily do this, at the very least a malicious user
> should be able to steal other users' mail. I think.

1) The permissions 1777 on /var/mail should allow empty mailboxes to
remain under most circumstances.  One should be careful what
IMAP and POP services are running on your machine and how
they handle this.

2) When a new user account is first established, it is imperative that
a mailbox be created at that time with the proper ownerships and file 
permissions.

3) A cron job can help monitor any discrepancies between existing and 
desired file attributes of mailboxes in /var/mail and rectify them on 
the fly.

Tobias Kreidl
NAU/Information Technology Services

Next message: e-Security Chap: "[RE: NSFOCUS SA2001-02 : Microsoft IIS CGI Filename Decode Error V ulnerability]"
Previous message: d0gman !: "RE: Microsoft IIS CGI Filename Decode Error Vulnerability"
Maybe in reply to: Pablo Sor: "Solaris /usr/bin/mailx exploit (SPARC)"
Reply: Greg A. Woods: "Re: Solaris /usr/bin/mailx exploit (SPARC)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed May 16 2001 - 05:29:36 PDT