Majordomo-Users: ???? Security warning ????

Majordomo-Users
(May 2000)

Indexed By Thread: [Previous] [Next]

Subject:	???? Security warning ????
From:	Gustavo Araujo Bittencourt <gustavo . bittencourt @ capes . gov . br>
Date:	Tue, 23 May 2000 17:21:17 -0300
To:	"'majordomo-users @ GreatCircle . COM'" <majordomo-users @ GreatCircle . COM>

Hello everybody,

Today I received the below warning, is there any fundament ?

Thank's,
Gustavo.
> ---------
> 
> 
> Description: Standard tmpfile problem Author: Karl G - NOC Admin
> <ovrneith@tqgnet.com> Compromise: Any user on a system running majordomo
> can append arbitrary data to any file owned by the majordomo account.
> Vulnerable Systems: Those running majordomo. This runs on a ton of systems
> (Solaris, Linux, IRIX, etc.). Date: 26 March 1998 Exploit & full info:
> Available http://www.insecure.org/sploits/Majordomo.tmpfile.html
>

Follow-Ups:

Re: ???? Security warning ????
From: Dan Liston <dliston@netscape.com>

Indexed By Date	Previous:	Re: novice questions From: Dan Liston <dliston@netscape.com>
Indexed By Date	Next:	Getting "Old" Messages Into Archive From: Bill Polhemus <bpolhem@swbell.net>
Indexed By Thread	Previous:	Re: novice questions From: Dan Liston <dliston@netscape.com>
Indexed By Thread	Next:	Re: ???? Security warning ???? From: Dan Liston <dliston@netscape.com>