[Simon Walter] Re: Bug#506353: mailscanner: many scripts allow
local users to overwrite arbitrary files, and more,
via symlink attacks
Alex Neuman van der Hans
alex at rtpty.com
Mon Dec 8 23:15:50 GMT 2008
Reminds me of a biblical reference about something in one's eye... ;-)
On Dec 8, 2008, at 10:00 AM, Julian Field
<MailScanner at ecs.soton.ac.uk> wrote:
> Send me mail from a badly setup domain, and you better not be
> surprised when I don't accept it. The RFC makes it very clear that
> MX records can only point to A records and not to CNAME records.
> Get your DNS fixed and I will happily accept your mail.
> On 3/12/08 22:46, Simon Walter wrote:
>> I send this through the mailinglist because I can't send it to
>> Julian directly because of the following:
>> mailscanner at ecs.soton.ac.uk
>> SMTP error from remote mail server after MAIL FROM:<simon.walter at hp-factory.de
>> host mx.ecs.soton.ac.uk [220.127.116.11]: 553 5.1.8 sender<simon.walter at hp-factory.de
>> > from hp-factory.de MX invalid #439 (kB2Lcm295123146500)
>> I don't know what's causing this...
>> Anyway, here is the mail in which some of you should be interested
>> -------------------- Start of forwarded message --------------------
>> To: Mark Purcell<msp at debian.org>
>> Cc: 506353 at bugs.debian.org, Raphael Geissert<atomo64 at gmail.com>, mailscanner at ecs.soton.ac.uk
>> BCC: control at bugs.debian.org
>> Subject: Re: Bug#506353: mailscanner: many scripts allow local
>> users to overwrite arbitrary files, and more, via symlink attacks
>> X-Draft-From: ("nnml:debian.bugs" 284)
>> References:<200811201524.52353.atomo64 at gmail.com>
>> <200812032338.02957.msp at debian.org>
>> From: Simon Walter<simon.walter at hp-factory.de>
>> Date: Wed, 03 Dec 2008 22:28:09 +0100
>> In-Reply-To:<200812032338.02957.msp at debian.org> (Mark Purcell's
>> message of "Wed\, 3 Dec 2008 23\:38\:02 +1100")
>> Message-ID:<877i6hhrti.fsf at hp-factory.de>
>> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.2 (gnu/linux)
>> Lines: 51
>> Xref: tharlab others.sent:737
>> package mailscanner
>> tags 506353 help upstream confirmed
>> Mark Purcell<msp at debian.org> writes:
>>> On Friday 21 November 2008 08:24:46 Raphael Geissert wrote:
>>>> I'm using severity grave as this package should definitely not be
>>>> in any release as is.
>>> This RC bug was reported almost two weeks ago without any comment
>>> from you.
>>> Are you in a position to investigate and propose a way forward for
>>> package in lenny?
>> I have looked at the code-segments Raphael pointed out and I'm
>> agree with him. In the current state the package should not be part
>> the lenny release.
>> I'm in no position to fix all this. I'm not familiar enough with the
>> MailScanner sourcecode and I'm not able to test the changes I would
>> have to make, in particular to all the virusscanner scripts.
>> I have put Julian Field (upstream author) in CC to inform him about
>> all this. (@Julian: the full bugreport is here )
>> If he is willing and able to fix the problems in a feature
>> release before lenny is released I will try to backport the fixes to
>> the current package in lenny.
>> Otherwise this package should be removed.
>> I'm also wondering why  marks CVE-2008-5140 as fixed for
>> sid+lenny. It claims the bug was fix with 4.57.6-1, but there is no
>> difference between 4.55.10-3 and 4.57.6-1.
>> Sorry for the late reply.
> Julian Field MEng CITP CEng
> Buy the MailScanner book at www.MailScanner.info/store
> Need help customising MailScanner?
> Contact me!
> Need help fixing or optimising your systems?
> Contact me!
> Need help getting you started solving new requirements from your boss?
> Contact me!
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> Before posting, read http://wiki.mailscanner.info/posting
> Support MailScanner development - buy the book off the website!
More information about the MailScanner