SECURITY HOLE: cnfsstat
Mike Bird
mgb at yosemite.net
Wed Aug 25 07:23:58 UTC 1999
INN 2.2
cnfsstat at line 348 runs grephistory in backquotes. The $msgid is not
checked for malicious characters.
cnfsstat tripped over this in a message-ID which contained a backquote in
the (bogus) hostname. I don't know which other malicious characters can
make it this far.
I'm gonna have to be more careful about running cnfsstat when I'm root!
----------------------------------------------------------
Mike Bird Tel: 209-742-5000 FAX: 209-966-3117
President POP: 209-742-5156 PGR: 209-742-9979
Iron Mtn Systems http://member.yosemite.net/
More information about the inn-workers
mailing list