[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: alert: New event: ET EXPLOIT Possible SpamAssassin Milter Plugin Rem
From: |
Shadwick, Tony |
Subject: |
RE: alert: New event: ET EXPLOIT Possible SpamAssassin Milter Plugin Remote Arbitrary Command Injection Attempt |
Date: |
Fri, 11 Feb 2011 08:31:31 -0600 |
Meanwhile back at the ranch, the behavior of Postfix's sendmail -bv isn't the
same as sendmail's sendmail -bv. I kinda hacked together a fix for my own box
getting it to call an external perl script, so my own personal box is even less
secure than the original exploit. :P You just have to know how to take
advantage of it. :\
So anyhoo - don't know if there's any interest in implementing a fix for
postfix that doesn't completely suck or not. Mine keeps leaving perl zombies
lying around from sessions that don't end cleanly.
Tony Shadwick
-----Original Message-----
From: address@hidden [mailto:address@hidden On Behalf Of Dan Nelson
Sent: Friday, February 11, 2011 12:08 AM
To: Adam Katz; address@hidden
Subject: Re: alert: New event: ET EXPLOIT Possible SpamAssassin Milter Plugin
Remote Arbitrary Command Injection Attempt
In the last episode (Feb 10), Don Armstrong said:
> On Thu, 10 Feb 2011, Adam Katz wrote:
> > On 02/10/2011 10:21 AM, David F. Skoll wrote:
> > > Aieee.... popen() in security-sensitive software!??!??
> > >
> > > Also, why does the milter process run as root? That seems like a huge
> > > hole all by itself.
> >
> > Does this affect sendmail as well as postfix?
>
> It only affects you if you're running with -x. This was patched in
> Debian and Redhat in March of 2010.
>
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573228
I thought I committed the patch to CVS, but apparently hadn't. It's
committed now, and I'll do a release this weekend.
--
Dan Nelson
address@hidden
_______________________________________________
Spamass-milt-list mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/spamass-milt-list