Thu, 26 Aug 1999 13:13:27 -0400
|
On Thu, 26 Aug 1999 12:31:30 EDT, Listserv Admin <[log in to unmask]> said:
> Maybe you could be a bit more explicit? What header is actually
> replaced with the password that could cause listserv to bypass the "real
> owner"?
If you're the list owner, I can't forge a 'PUT listname LIST' or similar.
Unless of course, I can get the entire 'PUT listname LIST PW=xyzzy' correct.
Same goes for ADD, DELETE, and any other list-owner-only operation.
Now, it's a LITTLE harder to do this *and* dissapear the Listserv reply so
that the actual list owner doesn't see it, but it's doable by a sufficiently
determined adversary (hint - the secret is a Denial Of Service attack. Has
YOUR system been patched against things like SYN-flooding, or TCP sequence
number prediction, or any of those OTHER nasty problems? ;)
--
Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech
|
|
|