Bugtraq mailing list archives
Re: Sendmail 8.6.9
From: perry () imsi com (Perry E. Metzger)
Date: Wed, 15 Feb 1995 08:23:16 -0500
Tom Fitzgerald says:
There are massive holes in IDA that are fixed by 8.6.9; anyone telling you the reverse is tugging very hard on your lower appendages.Could you be a little more specific - particularly concerning 5.67b+IDA1.5? There were definitely security bugs in 5.65c+IDA1.4.4.1, that were fixed with some emergency patches that were later merged in with 5.67, but I haven't heard of anything more recent. At the very least, are these problems that can be fixed by using smrsh?
I believe all the known external holes are fixed with smrsh; I am unsure as to whether that IDA still suffers from the debug option bug. In any case, I'd say that claims to the effect that 8.6.9 has known holes that IDA does not have are spurious. I didn't really intend to trash IDA per se or anything. Perry
Current thread:
- Re: Vulnerability in NCSA HTTPD 1.3, (continued)
- Re: Vulnerability in NCSA HTTPD 1.3 Robert M. Haas (Feb 14)
- Re: Vulnerability in NCSA HTTPD 1.3 Christopher Davis (Feb 16)
- Fixing the NCSA HTTPD 1.3 Thomas Lopatic (Feb 14)
- Re: Fixing the NCSA HTTPD 1.3 Paul 'Shag' Walmsley (Feb 15)
- Re: Fixing the NCSA HTTPD 1.3 Rens Troost (Feb 15)
- Re: Fixing the NCSA HTTPD 1.3 Paul 'Shag' Walmsley (Feb 15)
- For NCSA Http_1.05a Everett F Batey WA6CRE (Feb 15)
- Sendmail 8.6.9 Nathan Lawson (Feb 14)
- Re: Sendmail 8.6.9 Perry E. Metzger (Feb 14)
- Re: Sendmail 8.6.9 Tom Fitzgerald (Feb 14)
- Re: Sendmail 8.6.9 Perry E. Metzger (Feb 15)