Date:      Mon, 17 Apr 2000 18:33:01 -0700 (PDT)
From:      Kris Kennaway <kris@FreeBSD.org>
To:        "Michael S. Fischer" <michael@dynamine.net>
Cc:        security@freebsd.org
Subject:   Re: Fw:      Re: imapd4r1 v12.264
Message-ID:  <Pine.BSF.4.21.0004171830370.95722-100000@freefall.freebsd.org>
In-Reply-To: <Pine.BSF.4.21.0004171807100.92968-100000@freefall.freebsd.org>

On Mon, 17 Apr 2000, Kris Kennaway wrote:

> On Mon, 17 Apr 2000, Michael S. Fischer wrote:
> 
> > This is the current version in the ports collection.  Help!
> 
> Briefly, the vulnerability seems to be that someone who has a mail account
> on the server can get access to the user account which runs imapd. I don't
> think it's something that can be exploited by an outsider, so it might be
> that in your environment the threat is not significant.

According to the message I just read on bugtraq by the vendor, it doesn't
seem to be as bad as I described it above: imapd has dropped privileges by
the time it hits the vulnerability, so exploiting it will only give access
to the shell account of the user who has logged in to imap. This may still
be a problem in some installations, i.e. if they don't provide shell
access to their mail users on the imap server.

Note that I haven't heard independent confirmation of the above, so it's
subject to revision :-)

Kris

----
In God we Trust -- all others must submit an X.509 certificate.
    -- Charles Forsythe <forsythe@alum.mit.edu>


