dumping into sendmail

dumping into sendmail

Post by Thomas Dav » Tue, 26 Mar 1996 04:00:00



if i were to put a textarea on a web page, allow any user to put
anything they wanted in it, then dump it's contents directly into
sendmail, what kind of security holes am i looking at?  what do i need
to look for and parse out?

please respond with a follow-up (not e-mail) so that all who read this
group can benefit.  thanks! :-)

p.s. i haven't actually done this, so don't ask for the url ;-)

--
Thomas E. Davis

http://otto.cmr.fsu.edu/~davis_t/drumline/index.html

 
 
 

dumping into sendmail

Post by Chris Coo » Wed, 27 Mar 1996 04:00:00



> if i were to put a textarea on a web page, allow any user to put
> anything they wanted in it, then dump it's contents directly into
> sendmail, what kind of security holes am i looking at?  what do i need
> to look for and parse out?

You're looking at the problem from the wrong angle - look at
filtering IN known good data, throw away anything you dont want
that way you dont need to worry (too much :-) about new hacks

Check out the recent CERT/CIAC security announcements regarding
use of CGI scripts etc

Regards
Chris

 
 
 

1. unix dump: dumped twice to same dumpfile; restore if file displays only last dump


-rw-r--r--    1 root     root     554221568 Nov 22 16:07 /mnt/cc/cc

restore > ls
.:
System.map              grub/                   map
System.map-2.4.8-26mdk  kernel.h                message
boot.0300               kernel.h-2.4.8          os2_d.b
boot.b                  lilo                    us.klt
chain.b                 lilo-graphic/           vmlinuz
config                  lilo-menu/              vmlinuz-2.4.8-26mdk
config-2.4.8-26mdk      lilo-text/

That's a mighty big filesize for /boot which i know to be 23 MB.
So i must assume that the first dump (of / ) is still there.
But restore only lets me see the latest dump (on top of that "layer")

Anyone ever encounter this and recover the first dump?

cave jabberwockum

2. date change not inherited by app

3. sendmail creates a dump

4. XBanner 1.31 - a new release!

5. A core dumping /usr/lib/sendmail

6. Netscape 2.0b can't find 0.0

7. Sendmail 8.8.7 Core Dump

8. ISP for linux in CA, USA

9. bad sendmail console dump

10. Problems with sendmail dumping core (2.1)

11. single-user dumps, and remote dumps (again)

12. Dumps of mounted file systems, dump size estimates and GNU tar

13. dump core or not dump core