Bugtraq mailing list archives

Sendmail hole ?

From: manish () cast uark edu (Manish N. Dharwadker)
Date: Fri, 8 Apr 94 8:48:41 CDT



How about sum details regarding how sendmail -d can be abused to get root access
? I wud really appreciate it if the ppl. on this list got more technical and
less full of B***S**t .... this is not a CERT list or sumthing . so let us be open.

I have had problems in the past with sendmail (the pipe to program disaster), and
wud like to be on the right side of the fence for once.

Thanx,

Manish.


Excuse me for upsetting the sensiblilities of ppl. on this list but this
was posted to the list on march 16 when no details were available.

Subsequently I got the details and have archived them.

I really think that details should be posted as soon as possible as
I have been a victim of a alleged p0sse rm -rf and a lame system
administrator.

-- Manish.

Current thread:

Sendmail details ? Manish N. Dharwadker (Mar 16)
- Re: Sendmail details ? Karl Strickland (Apr 07)
- Re: Sendmail details ? Scott Chasin (Apr 07)
- Re: Sendmail details ? Timothy Newsham (Apr 07)
- [rick () msc cornell edu: AFS 3.3 ftpd security problem] Perry E. Metzger (Apr 08)
- Sendmail hole ? Manish N. Dharwadker (Apr 08)