2 messages in net.sourceforge.lists.courier-maildrop: [maildropl] Re: authlib bug - POSSIBL...
From, Sent On:
Peter Diffey, Mar 24, 2003 4:01 pm
Sam Varshavchik, Mar 24, 2003 5:22 pm
Subject: [maildropl] Re: authlib bug - POSSIBLE TROJAN
From: Sam Varshavchik (mrs@courier-mta.com)
Date: Mar 24, 2003 5:22:50 pm
List: net.sourceforge.lists.courier-maildrop

Peter Diffey writes:

> It seems that there is a serious bug in the courier-imap authdaemon - at least that seems to be my first impression.
>
> I did a standard configure/make/install of courier-imap-1.7.1.20030319.tar.tar
>
> My system is MDK 8.2
>
> Thereafter I found that my system security was wide open, and no passwords are required for telnet, rsh or anything else.
>
> I noticed that the /usr/lib/authlib/auth* executables have been replaced; this seems to have been done by authlib/Makefile.am
>
> I believe that the authdaemon may have been hacked.
>
> It could of course be some sort of installation failure; however, this in itself is dangerous, and is potentially as damaging as a trojan.
>
> Please investigate.

A couple of things:

A) This is the maildrop list, not the Courier-IMAP list

B) There is nothing called "courier-imap-1.7.1.20030319.tar.tar" that's available for download. For quite some time, only bzip2-compressed tarballs were distributed.

C) Nothing ever gets installed in '/usr/lib/authlib' after "a standard configure/make/install".

D) A checksum of courier-imap-1.7.1.20030319.tar.bz2 currently available for download matches my own checksum.

Conclusion: please make some effort to obtain some facts by YOURSELF before going off like that.