Bugtraq mailing list archives

New Sendmail hole (w/IDENT?)

From: jna () concorde com (John Adams)
Date: Thu, 23 Feb 1995 02:19:29 -0500


Anyone know what the details are on the new sendmail IDENT hole? 

Is it yet another clobber-the-string-buffer-and-run-commands hole as we
have seen in previous (buggy) versions of sendmail, or somethng more
esoteric? 

CERT has released an advisory on this, and we're intrested.
-john

Current thread:

Re: new sendmail bug? Quentin Fennessy (Feb 23)
- Bugtraq mailing list QM Admin (Feb 22)
- New Sendmail hole (w/IDENT?) John Adams (Feb 22)
- SGI patch for sendmail hole Dave Schweisguth (Feb 23)
- Re: new sendmail bug? Neil Woods (Feb 23)
- Bugtraq mailing list badbird () nether net (Feb 23)
  - Forgery... Dave Horsfall (Feb 23)
  - sendmail testing *Hobbit* (Feb 24)
    - Re: sendmail testing Michael R. Widner (Feb 25)
    - Re: sendmail testing Yossi Gottlieb (Feb 26)
    - lpr/lpd problems Baba Z Buehler (Feb 26)
    - the qf file *Hobbit* (Feb 25)
- <Possible follow-ups>
- Re: new sendmail bug? Michael Van Norman (Feb 23)