Re: CERT Advisory CA-97.08 - Second vulnerability related to INN

Michal Jankowski (michalj@FUW.EDU.PL)
Sat, 5 Apr 1997 00:40:17 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: null: "Password problem in Trumpet Winsock."
Previous message: Bollinger: "AIX Fix Info: NLS environment variables"
In reply to: Aleph One: "CERT Advisory CA-97.08 - Second vulnerability related to INN -"

Well, there are patches for INN, but the bug is actually in the
"mail" program and doesn't need INN to be exploited.

How about sending to somebody (to root, preferably) a mail with
"Reply-To: |some-interesting-command-here"
in hope he'll use ucb mail to reply to this letter?

   MJ

Next message: null: "Password problem in Trumpet Winsock."
Previous message: Bollinger: "AIX Fix Info: NLS environment variables"
In reply to: Aleph One: "CERT Advisory CA-97.08 - Second vulnerability related to INN -"