Meanwhile back at the ranch, the behavior of Postfix's sendmail -bv isn't the same as sendmail's sendmail -bv. I kinda hacked together a fix for my own box, getting it to call an external perl script, so my own personal box is even less secure than the original exploit. :P You just have to know how to take advantage of it. :\
So anyhoo - don't know if there's any interest in implementing a fix for postfix that doesn't completely suck or not. Mine keeps leaving perl zombies lying around from sessions that don't end cleanly.

Tony Shadwick

-----Original Message-----
From: spamass-milt-list-bounces+tony.shadwick=usa.gknaerospace....@nongnu.org [mailto:spamass-milt-list-bounces+tony.shadwick=usa.gknaerospace....@nongnu.org] On Behalf Of Dan Nelson
Sent: Friday, February 11, 2011 12:08 AM
To: Adam Katz; [email protected]
Subject: Re: alert: New event: ET EXPLOIT Possible SpamAssassin Milter Plugin Remote Arbitrary Command Injection Attempt

In the last episode (Feb 10), Don Armstrong said:
> On Thu, 10 Feb 2011, Adam Katz wrote:
> > On 02/10/2011 10:21 AM, David F. Skoll wrote:
> > > Aieee.... popen() in security-sensitive software!??!??
> > >
> > > Also, why does the milter process run as root? That seems like a huge
> > > hole all by itself.
> >
> > Does this affect sendmail as well as postfix?
>
> It only affects you if you're running with -x. This was patched in
> Debian and Redhat in March of 2010.
>
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573228

I thought I committed the patch to CVS, but apparently hadn't. It's committed now, and I'll do a release this weekend.

-- 
	Dan Nelson
	[email protected]

_______________________________________________
Spamass-milt-list mailing list
[email protected]
http://lists.nongnu.org/mailman/listinfo/spamass-milt-list
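The thread above turns on two points: the -x expansion hands an address to popen(), which means /bin/sh parses whatever the sender put in it, and Tony's replacement leaves zombie children behind. The following is an added example, not spamass-milter's code or Tony's script. It shows the popen()-style command string built from an address (the kind of string a shell would interpret), a metacharacter check, and a fork/execv/waitpid replacement that passes the address as one literal argv element and always reaps the child. The sendmail path is hypothetical, the address `user@example.com; id` is a constructed input, and the self-test uses /bin/echo as a stand-in for sendmail so it runs offline.

```c
/* Added example, not from spamass-milter. Contrasts the popen() pattern
 * with a no-shell fork/execv/waitpid expansion. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

/* Vulnerable pattern: interpolate an attacker-controlled address into a
 * command line.  popen() passes this string to "/bin/sh -c", so ';', '|',
 * backticks, "$( )" and friends in the address are executed, not mailed.
 * (sendmail path is a hypothetical placeholder.) */
int build_popen_cmd(const char *addr, char *out, size_t outlen) {
    return snprintf(out, outlen, "/usr/sbin/sendmail -bv %s", addr);
}

/* Defence in depth: reject addresses carrying shell metacharacters.  This
 * is a sanity gate, not the fix; the fix is to never involve a shell. */
int addr_has_shell_meta(const char *addr) {
    static const char meta[] = ";|&$`<>()'\"\\\n*?[]{}~";
    return addr[strcspn(addr, meta)] != '\0';
}

/* Hardened pattern: exec the program with an argv vector, so the address is
 * a single literal argument whatever it contains.  Child stdout comes back
 * through a pipe; the child is always reaped with waitpid(), so no zombie is
 * left even when the session ends early.  Returns bytes read, or -1. */
ssize_t run_expand(const char *prog, const char *addr, char *out, size_t outlen) {
    int fds[2];
    if (outlen == 0 || pipe(fds) < 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(fds[0]); close(fds[1]); return -1; }
    if (pid == 0) {
        /* child: route stdout into the pipe and exec without a shell */
        dup2(fds[1], STDOUT_FILENO);
        close(fds[0]); close(fds[1]);
        char *const argv[] = { (char *)prog, "-bv", (char *)addr, NULL };
        execv(prog, argv);
        _exit(127);                      /* only reached if exec fails */
    }
    close(fds[1]);
    size_t total = 0;
    while (total < outlen - 1) {
        ssize_t n = read(fds[0], out + total, outlen - 1 - total);
        if (n < 0 && errno == EINTR) continue;
        if (n <= 0) break;
        total += (size_t)n;
    }
    out[total] = '\0';
    close(fds[0]);
    int status;
    while (waitpid(pid, &status, 0) < 0)  /* always reap: no zombies */
        if (errno != EINTR) return -1;
    if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) return -1;
    return (ssize_t)total;
}

/* Demo driver: run /bin/echo in place of sendmail and report whether the
 * address came through as one untouched argument ("-bv <addr>\n"). */
int hardened_passes_literally(const char *addr) {
    char out[512], want[512];
    if (run_expand("/bin/echo", addr, out, sizeof out) < 0) return 0;
    snprintf(want, sizeof want, "-bv %s\n", addr);
    return strcmp(out, want) == 0;
}

int main(void) {
    const char *addr = "user@example.com; id";      /* constructed input */
    char cmd[256], out[512];
    build_popen_cmd(addr, cmd, sizeof cmd);
    printf("popen() would run via /bin/sh -c: %s\n", cmd);
    printf("shell metacharacters present: %d\n", addr_has_shell_meta(addr));
    if (run_expand("/bin/echo", addr, out, sizeof out) >= 0)
        printf("execv child saw one literal argument: %s", out);
    return 0;
}
```

With the constructed address the popen() string ends in `; id`, which a shell runs as a second command; the execv path hands the same bytes to the child as argv[2] and echo simply prints them back. Running the milter as root, the other complaint in the thread, is orthogonal to this: the exec path above still runs with whatever privileges the caller has, so it belongs behind a setuid/setgid drop to an unprivileged account.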
