RPMMail Local/Remote Root Vulnerability
BID:2301
Info
| Bugtraq ID: | 2301 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Oct 04 1999 12:00AM |
| Updated: | Oct 04 1999 12:00AM |
| Credit: | Reported to bugtraq by Brock Tellier <[email protected]> on Mon Oct 04, 1999. |
| Vulnerable: | SuSE Linux 6.2, Redhat Linux 6.0 x |
| Not Vulnerable: | |
Discussion
By sending a carefully-formed mail message to the affected mail host's 'rpmmail' account, an attacker may be able to obtain a root shell, or to run arbitrary commands as 'nobody' or another unprivileged user.
Exploit / POC
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: <[email protected]>
Solution / Fix
Solution:
This version of rpmmail should not be vulnerable to this attack:
ftp://reedycreek.com/reedycreek/rpmmaildemo/rpmmail-1.4.tar.gz
ftp://reedycreek.com/reedycreek/rpmmaildemo/rpmmail-1.4-2.i386.rpm
Currently the SecurityFocus staff are not aware of any other vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: <[email protected]>