Re: Sendmail 8.6.12 hole & smrsh

[casper () Holland Sun COM (Casper Dik)]

> > Who knows what the root-shell-giving security hole is in Sendmail 8.6.12
> > that was incompletely patched in 8.7, and (supposedly) finally patched
> > in 8.7.1?
>
> I wonder if the attack is still possible if there is a "smrsh" shell
> installed instead of "sh" in sendmail.cf ?


Yes.  The syslog() hole exploits don't care whether you have installed
smrsh or not.  The only thing that helps is a patched syslog(),
something you'll need anyway for your other daemons, or sendmail 8.7.1
and that only works if you have a syslog() with an internal buffersize
with 1024 bytes (i.e., if you haev a smaller interner buffer, you
may be out of luck anyway)

Casper