|[Home] [Credit Search] [Category Browser] [Staff Roll Call]||The LINUX.COM Article Archive|
|Originally Published: Wednesday, 26 January 2000||Author: Derrick H. Lewis|
|Published to: news_enhance_security/Security News||Page: 1/1 - [Printable]|
Caldera Systems Security Advisory: various security problems with majordomo.
[LinuxToday] There are several bugs in majordomo that allow arbitrary users to execute commands with the privilege of majordomo. If the sendmail aliases file contains aliases that invoke majordomo, a compromise of additional system accounts is possible, which may further on lead to a root compromise. An immediate root exploit has not been found however.