[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Re: hhp: Remote pine exploit.
From: "John D. Hardin" <jhardin () WOLFENET ! COM>
Date: 1999-06-25 19:18:27
[Download RAW message or body]
On Tue, 22 Jun 1999, Elaich Of Hhp wrote:
> A few months ago I found a bigger problem with the
> charset bug then imagined. With a uuencode/uudecode
> method in the charset, and an index.html of a site, it's
> possible to run any program/script wanted to on the remote
> system. When the email is read it launches lynx -source
> and grabs the index.html which is then uudecoded and ran.
> This includes root and non-root users infected. Many big
> servers run pine, and having fingerd running, most of the
> time allows us complete access to get every username on the
> server, which then is simple to send the infected emails to
> each user.
> We have tested this on our own systems with full success.
> These operating systems include BSD, Linux, IRIX, AIX, SCO,
> and SunOS.
> I'm sure this will be fixed in the newer version along
> with the patch already made for the current version.
> hhp-pine.tar is available to download at our site,
> http://hhp.hemp.net/.
>
> The current pine 4.10 patch is available to download at
> http://www.geek-girl.com/bugtraq/1999_1/0532.html
Since this is a variant on the command-line-in-a-MIME-header exploit
that was described earlier, it is defanged by the procmail sanitizer.
--
John Hardin KA7OHZ jhardin@wolfenet.com
pgpk -a finger://gonzo.wolfenet.com/jhardin PGP key ID: 0x41EA94F5
PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
-----------------------------------------------------------------------
Efficiency can magnify good, but it magnifies evil just as well.
So, we should not be surprised to find that modern electronic
communication magnifies stupidity as *efficiently* as it magnifies
intelligence.
-- Robert A. Matern
-----------------------------------------------------------------------
76 days until 9/9/99
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic