Bugtraq mailing list archives

Re: Sendmail 8.6.10: what's different?

From: peter () haywire DIALix COM (Peter Wemm)
Date: Fri, 24 Feb 1995 20:16:42 +0800 (WST)


On Fri, 24 Feb 1995, Igor V. Semenyuk wrote:


Does anyone know if IDA sendmail is vulnerable? CERT advisory
doesn't mention it - is it because IDA considered obsoleted or
because it is clean?


One would be safer to assume it is vulnerable until it's proven safe...  

Eric did say "probably all sendmail's, including most vendor's version 5 
derived ones" - IDA is a version 5 sendmail derivative too.

If it was fixed in IDA first, the chances are that somebody going through 
the RCS logs would have picked this up ages ago..

-Peter

Current thread:

Re: CERT Advisory CA-95:05.sendmail.vulnerabilities (fwd), (continued)
- - - Re: CERT Advisory CA-95:05.sendmail.vulnerabilities (fwd) Dave Schweisguth (Feb 23)
    - Sendmail 8.6.9 security hole Igor V. Semenyuk (Feb 22)
    - Re: Sendmail 8.6.9 security hole Christopher Samuel (Feb 23)
    - Sun Security Bulletin #129 (sendmail) Mark Graff (Feb 22)
    - new sendmail bug? James W. Abendschan (Feb 22)
    - Re: new sendmail bug? joel (Feb 22)
    - Re: new sendmail bug? Dave Horsfall (Feb 22)
    - Sendmail 8.6.10: what's different? der Mouse (Feb 23)
    - X keyboard sniffing Paul Howell (Feb 23)
    - Re: Sendmail 8.6.10: what's different? Igor V. Semenyuk (Feb 23)
    - Re: Sendmail 8.6.10: what's different? Peter Wemm (Feb 24)
    - Re: Sendmail 8.6.10: what's different? Peter Wemm (Feb 23)
    - Re: Sendmail 8.6.10: what's different? Christian Wettergren (Feb 24)
    - Re: new sendmail bug? Michael Van Norman (Feb 23)
    - Re: snooper watchers Aleph One (Feb 22)
    - Re: HP-UX Problem... Pete Shipley (Feb 21)