
[cobalt-users] Re: suid perl - 2 month old hazard



gsh replied to Render-Vue...


>>No, you should ideally install the updated package. The 's' in the 'rws-'
on your suidperl is what's bad, it means it sets itself to the root user
when you run it, gaining privileges. The exploit takes advantage of that.

The new package fixes this.

I'm not willing to second-guess Taco on this yet, but it *may* be
sufficient to chmod u-s /usr/bin/suidperl , however, there are other
privileged scripts in neomail itself, also, there is a small bug fix..

Left as is, your machine can be exploited by an internal user...
[I don't think there are any external vulnerabilities introduced here, I'd
fix it just the same]

gsh<<

Thanks for that gsh, but I think there are digest problems, as this post was
sent the day before Taco released the patch for NeoMail. I also sent a follow-up
to the original post that you answered today, which was on the digest
yesterday, saying forget this post and Taco was the "Main Man" for fixing the
problem so quickly :>

Anyway thanks again gsh

Regards from Auckland

Chae
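
The mode check and the `chmod u-s` step quoted from gsh above, as an added example that is not part of the original thread. The function names and the scratch file standing in for suidperl are assumptions; nothing under /usr/bin is touched.

```shell
#!/bin/sh
# Added example: find setuid files, clear the bit, verify the result.
# Runs against a constructed scratch file, not the real suidperl.

# Print the 10-character mode string, e.g. -rwsr-xr-x
# (the 's' in the owner triplet is the setuid bit).
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# List regular files under a directory that have the setuid bit (octal 4000).
audit_setuid() {
    find "$1" -type f -perm -4000 -print 2>/dev/null
}

# Clear the setuid bit and confirm it is gone; non-zero if it is still set.
clear_setuid() {
    chmod u-s "$1" || return 1
    [ ! -u "$1" ]
}

# Demonstration: create a setuid scratch file, audit, clear, audit again.
demo() {
    dir=$(mktemp -d) || return 1
    f="$dir/fake-suidperl"          # constructed stand-in file
    : > "$f"
    chmod 4755 "$f"                 # mode string becomes -rwsr-xr-x
    before=$(mode_of "$f")
    found=$(audit_setuid "$dir")    # should list the scratch file
    clear_setuid "$f" || { rm -rf "$dir"; return 1; }
    after=$(mode_of "$f")
    left=$(audit_setuid "$dir")     # should now be empty
    rm -rf "$dir"
    echo "$before -> $after"
    [ -n "$found" ] && [ -z "$left" ]
}

demo
```

On a real host, `audit_setuid` pointed at a directory also surfaces any other setuid files there, such as the other privileged NeoMail scripts gsh mentions.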