'Re: hhp: Remote pine exploit.'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Re: hhp: Remote pine exploit.
From:       "John D. Hardin" <jhardin () WOLFENET ! COM>
Date:       1999-06-25 19:18:27
[Download RAW message or body]

On Tue, 22 Jun 1999, Elaich Of Hhp wrote:

>    A  few  months  ago  I  found  a bigger problem with the
> charset   bug   then  imagined.  With  a  uuencode/uudecode
> method  in  the  charset, and an index.html of a site, it's
> possible  to run any program/script wanted to on the remote
> system.  When  the  email  is read it launches lynx -source
> and  grabs  the index.html which is then uudecoded and ran.
> This  includes  root and non-root users infected.  Many big
> servers run pine, and having fingerd running,  most  of the
> time allows us complete access to get every username on the
> server, which then is simple to send the infected emails to
> each user.
>    We have tested this on our own systems with full success.
> These  operating systems include BSD, Linux, IRIX, AIX, SCO,
> and SunOS.
>    I'm  sure  this will be fixed in the newer version along
> with  the  patch  already  made  for  the  current version.
> hhp-pine.tar   is   available  to  download  at  our  site,
> http://hhp.hemp.net/.
>
>    The  current pine 4.10 patch is available to download at
> http://www.geek-girl.com/bugtraq/1999_1/0532.html

Since this is a variant on the command-line-in-a-MIME-header exploit
that was described earlier, it is defanged by the procmail sanitizer.

--
 John Hardin KA7OHZ                               jhardin@wolfenet.com
 pgpk -a finger://gonzo.wolfenet.com/jhardin    PGP key ID: 0x41EA94F5
 PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76
-----------------------------------------------------------------------
  Efficiency can magnify good, but it magnifies evil just as well.
  So, we should not be surprised to find that modern electronic
  communication magnifies stupidity as *efficiently* as it magnifies
  intelligence.
                                  -- Robert A. Matern
-----------------------------------------------------------------------
   76 days until 9/9/99

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic