Bugtraq mailing list archives
Re: Remote exploit in sendmail 8.8.0
From: steve () miranova com (Steven L Baur)
Date: Fri, 18 Oct 1996 11:43:56 -0700
"D" == D J Bernstein <djb () koobera math uic edu> writes:
Dave> That, or get 8.8.1 which is out now. What service! D> Is it just my imagination, or does sendmail.8.8.1.patch replace D> if (mime_fromqp((u_char *) buf, &obp, 0, MAXLINE) == 0) D> with D> if (mime_fromqp((u_char *) buf, &obp, 0, &obp[MAXLINE] - obp) == 0) D> This is not exactly what I'd call a fix. Which is why 8.8.2 is out now. What service! -- steve () miranova com baur Unsolicited commercial e-mail will be billed at $250/message. What are the last two letters of "doesn't" and "can't"? Coincidence? I think not.
Current thread:
- Remote exploit in sendmail 8.8.0 John Anonymous MacDonald (Oct 16)
- Re: Remote exploit in sendmail 8.8.0 Alain Magloire (Oct 17)
- <Possible follow-ups>
- Re: Remote exploit in sendmail 8.8.0 Thomas Roessler (Oct 17)
- Re: Remote exploit in sendmail 8.8.0 Dave Hayes (Oct 17)
- Re: Remote exploit in sendmail 8.8.0 D. J. Bernstein (Oct 17)
- Re: Remote exploit in sendmail 8.8.0 Daniel S. Riley (Oct 18)
- Re: Remote exploit in sendmail 8.8.0 Steven L Baur (Oct 18)