On Tue, 11 Jul 2000, Thomas Biege wrote:
> By specifying a path name like /etc/passwd and sending a compressed mail to root an adversary could gain remote root access to a system by overwriting the local password database. The same could happen if a mail virus scanner, like AMaViS, processes a malicious mail.
AMaViS-Perl: not affected (we use a Perl module instead)

AMaViS versions below AMaViS-0.2.0-pre6-clm-rl-8-20000603 are not affected, simply because TNEF support was introduced with this version.

If you run AMaViS with qmail or exim, you shouldn't be affected as AMaViS does not run as root.

AMaViS 0.2.0-pre6-clm-rl-8-20000704 provides a fix for this problem. Please look at http://sourceforge.net/projects/amavis for latest stuff.

I would like to thank Robert Valentan for reporting the bug to the AMaViS Development Team.

best regards,
Rainer Link

--
Rainer Link, AntiVirus & Security, link@suse.de, www.suse.de
Developer of A Mail Virus Scanner (AMaViS): http://amavis.org/
Founder of Linux AntiVirus Project: http://lavp.sourceforge.net/
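
The problem discussed in this thread is an unpacker that trusts the path name stored inside an attachment. The following Python example is added here and is not part of the original mail, nor the AMaViS or TNEF fix; it shows a containment check a scanner can apply before writing any extracted file. The names `contained_path`, `unpack` and the sample member names are hypothetical and constructed for illustration.

```python
import os
import tempfile

class UnsafeAttachmentName(ValueError):
    """Raised when an embedded file name would escape the unpack directory."""

def contained_path(unpack_dir, embedded_name):
    """Return the path for embedded_name inside unpack_dir, or raise."""
    # The name comes from a mail attachment and may use backslashes,
    # so treat both separators as path separators.
    name = embedded_name.replace("\\", "/")
    if not name or "\x00" in name:
        raise UnsafeAttachmentName(repr(embedded_name))
    root = os.path.realpath(unpack_dir)
    # os.path.join discards root when name is absolute ("/etc/passwd"),
    # so the containment check below is what actually rejects it.
    candidate = os.path.realpath(os.path.join(root, name))
    if candidate == root or os.path.commonpath([root, candidate]) != root:
        raise UnsafeAttachmentName(repr(embedded_name))
    return candidate

def unpack(unpack_dir, members):
    """Write (name, data) pairs under unpack_dir; return (written, rejected)."""
    written, rejected = [], []
    for name, data in members:
        try:
            target = contained_path(unpack_dir, name)
        except UnsafeAttachmentName:
            rejected.append(name)
            continue
        os.makedirs(os.path.dirname(target), exist_ok=True)
        # O_EXCL never overwrites an existing file; O_NOFOLLOW refuses symlinks (POSIX).
        flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW
        with os.fdopen(os.open(target, flags, 0o600), "wb") as fh:
            fh.write(data)
        written.append(target)
    return written, rejected

# Constructed sample: names as they might be stored inside a compressed attachment.
SAMPLE = [("report.doc", b"ok"), ("/etc/passwd", b"x"),
          ("../../etc/passwd", b"x"), ("sub/notes.txt", b"ok")]

def demo():
    with tempfile.TemporaryDirectory() as d:
        written, rejected = unpack(d, SAMPLE)
        return [os.path.relpath(p, os.path.realpath(d)) for p in written], rejected

if __name__ == "__main__":
    print(demo())
```

Running the scanner as a non-root user, as the message notes for qmail and exim setups, limits what any missed case could overwrite.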