Bugtraq mailing list archives

Re: new sendmail bug?

From: neil () legless demon co uk (Neil Woods)
Date: Fri, 24 Feb 1995 01:06:39 +0100 (GMT)


Just a quick note to say there's an easier way to exploit this
remotely, I've made details available to CERT.

8.6.10 looks to be a good fix, but take the advice about wrappers
and which are secure from remote attacks with a pinch of salt.

Cheers,

Neil

-- 
Let the Mystery Be, So Watcha Want, Longing In Their Hearts, Hate My Way,
M-Bike, Safari, Uncle June and Aunt Kiyoti, Daisy Dead Petals, Tuff Gnarl.

     ...like a badger with an afro throwing sparklers at the Pope...

Current thread:

Re: new sendmail bug? Quentin Fennessy (Feb 23)
- Bugtraq mailing list QM Admin (Feb 22)
- New Sendmail hole (w/IDENT?) John Adams (Feb 22)
- SGI patch for sendmail hole Dave Schweisguth (Feb 23)
- Re: new sendmail bug? Neil Woods (Feb 23)
- Bugtraq mailing list badbird () nether net (Feb 23)
  - Forgery... Dave Horsfall (Feb 23)
  - sendmail testing *Hobbit* (Feb 24)
    - Re: sendmail testing Michael R. Widner (Feb 25)
    - Re: sendmail testing Yossi Gottlieb (Feb 26)
    - lpr/lpd problems Baba Z Buehler (Feb 26)
    - the qf file *Hobbit* (Feb 25)
- <Possible follow-ups>
- Re: new sendmail bug? Michael Van Norman (Feb 23)