[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

[SECURITY HOLE] mailx bug



This hole in mailx drops you into a shell with mail group access
privileges. You can read/write/delete emails of any other user on the
box.

	-> http://packetstorm.securify.com/0005-exploits/mailx.c <-

	Found to:

	a) work on stock slink,potato,woody boxes.
	b) /supposedly/ works on slackware
	c) NOT work on $distribution + secure-Linux [ Check with
Debian ]

	Moral of the story, get secure-Linux.

	http://openwall.com/Linux

	Cheers.

								--ravi
-- 
Ravikant K.Rao : http://www.symonds.net/~ravi/
Primary Email  : <ravi@xxxxxxxxxxx> | PGP: 9544A4A1   GPG: 1024D/C2FC752D
---
Send e-mail to 'ilugc-request@xxxxxxxxxxxxxxxxxx' with 'unsubscribe' 
in either the subject or the body to unsubscribe from this list.