comments on deadly.org
<< "The mail(1) program can be made to execute arbitrary code in non-interactive mode. This can be exploited using cron and the system startup scripts (by any local user with no privs). A patch and advisory are available on the advisory page.
The 2.9 patch is at ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.9/common/023_mail.patch and the 3.0 patch is at ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/018_mail.patch
The fix has also been applied to the stable branches." >>
There is an exploit in the wild for this one too, so if you have multiple users and you can't absolutely trust them all, fix this immediately (like 2 days ago).
OpenBSD errata page.
OpenBSD anoncvs page.
BUMPS and comments appreciated.