Gentoo Security Bugs on MailScanner
John Wilcock
john at tradoc.fr
Tue Apr 20 07:37:10 IST 2010
On 20/04/2010 01:10, Noel Butler wrote:
> root at dev:/tmp# rm /tmp/ClamAV.update.log
> root at dev:/tmp# ln -s /etc/passwd /tmp/ClamAV.update.log
>
> < gave my login a shell, su'd to me, and cat of ClamAV.update.log
> verifies a non priv user can view the contents as one expects, but is
> useless since it's not a shadow file>
Well, in attempting to explain these so-called symlink vulnerabilities,
I chose /etc/passwd as a well-known system file, though I'm well aware
that on many recent systems it isn't what counts. But the same principle
could of course be used to malevolently overwrite whatever important
system file you want.
> using antiquated versions is one way where Julian may not give high
> priority into looking into such things when he returns.
Despite the title of the Gentoo bug referred to, the Gentoo tree now
contains (unless the removal threat has been carried out) an ebuild for
MailScanner 4.79.11, the latest stable version, which still contains
some symlink vulnerabilities.
John.
--
-- Over 4000 webcams from ski resorts around the world - www.snoweye.com
-- Translate your technical documents and web pages - www.tradoc.fr
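
The overwrite principle discussed in this message, next to a hardened way for the writing process to open its log, as an added example (not part of the thread and not MailScanner's code). Assumptions: Python on a POSIX system, temporary directories standing in for /tmp and for the system directory, and hypothetical function names.

```python
import os
import tempfile
from pathlib import Path

LOG_NAME = "ClamAV.update.log"  # file name from the thread; all directories are constructed


def naive_append(path, text):
    """The pattern at issue: open a predictable path and follow whatever is there."""
    with open(path, "a") as fh:
        fh.write(text)


def safe_append(path, text):
    """Refuse to write through a symlink or into a file that is not privately ours."""
    flags = os.O_WRONLY | os.O_APPEND | os.O_CREAT | os.O_NOFOLLOW
    fd = os.open(path, flags, 0o600)  # OSError (ELOOP) if the last component is a symlink
    try:
        st = os.fstat(fd)
        # Inspect the opened descriptor, not the path, so there is no check/use race.
        if st.st_uid != os.geteuid() or st.st_nlink != 1:
            raise PermissionError(f"{path}: not a private file of this user")
        os.write(fd, text.encode())
    finally:
        os.close(fd)


def demo():
    """Plant a link in a stand-in /tmp; return (naive_clobbered, safe_refused, target_intact)."""
    with tempfile.TemporaryDirectory() as shared, tempfile.TemporaryDirectory() as etc:
        target = Path(etc) / "important.conf"  # stand-in for a system file
        log = os.path.join(shared, LOG_NAME)

        def reset():
            target.write_text("original\n")
            if os.path.lexists(log):
                os.unlink(log)
            os.symlink(target, log)

        reset()
        naive_append(log, "update ok\n")
        naive_clobbered = target.read_text() != "original\n"
        reset()
        try:
            safe_append(log, "update ok\n")
            safe_refused = False
        except OSError:
            safe_refused = True
        return naive_clobbered, safe_refused, target.read_text() == "original\n"
```

Keeping the log out of a world-writable directory altogether removes the problem at its source; the descriptor checks above are for code that has to keep a fixed path.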