Xref: utzoo comp.mail.misc:3497 comp.mail.uucp:4378 Path: utzoo!utgpu!news-server.csri.toronto.edu!mailrus!uwm.edu!ux1.cso.uiuc.edu!tank!gargoyle!chinet!randy From: randy@chinet.chi.il.us (Randy Suess) Newsgroups: comp.mail.misc,comp.mail.uucp Subject: smail 3.0 security hole? Message-ID: <1990Jun8.210309.13542@chinet.chi.il.us> Date: 8 Jun 90 21:03:09 GMT Reply-To: randy@chinet.chi.il.us (Randy Suess) Organization: Chinet - Chicago Public Access UNIX Lines: 41 Not sure if this got out the first time..... I just had a root breaking here on chinet. I am running ISC 2.0.2 with smail 3.0. smail 3.0 is setuid root. I believe he broke in via smail. This is a piece of mail that got bounced to postmaster here. Any ideas? From MAILER-DAEMON Fri Jun 8 13:32:55 1990 Return-Path: Received: by chinet.chi.il.us (/\=-/\ Smail3.1.18.1 #18.65) id ; Fri, 8 Jun 90 13:32 CDT Message-Id: Date: Fri, 8 Jun 90 13:32 CDT From: To: Postmaster Subject: mail failed, sending to address owner Reference: Status: RO |------------------------- Failed addresses follow: ---------------------| "|/tmp/x" ... failed: transport pipe: child returned status EX_1 (1) |------------------------- Message text follows: ------------------------| Received: by chinet.chi.il.us (/\=-/\ Smail3.1.18.1 #18.65) id ; Fri, 8 Jun 90 13:32 CDT Message-Id: Date: Fri, 8 Jun 90 13:32 CDT From: gandalf (alien life form) To: root hehe -randy randy@chinet.chi.il.us -- Randy Suess randy@chinet.chi.il.us