Bugtraq mailing list archives

Re: Patch for 8lgm syslog/sendmail vulnerability, 4.4lite machines

From: Mark.Graff () Eng Sun COM (Mark Graff)
Date: Wed, 30 Aug 1995 11:35:16 -0700


Folks,

Charles Hannum wrote,

[Sigh.  I don't really have time to deal with this right now, but I
suppose it can't really wait.]


...and I find myself in agreement.

Just FYI, we're working on a fix too. I don't have an estimate yet but
I do plan to issue an advisory late today outlining what we know at this
time. (Nothing I say then will be much a news flash to readers of this
group.)

I'll send it out to the Customer Warning System (subscribe via mail to
"security-alert () sun com" with the subject ("subscribe CWS <your-addr>").
I'll also post it here and on comp.security.unix.

-mg-

p.s. Thanks to all who have proferred suggestions.

      /\
     \\ \        Mark G. Graff
    \ \\ /       Sun Security Coordinator
   / \/ / /      MS MPK3
  / /   \//\     2550 Garcia Avenue
  \//\   / /     Mountain View, CA 94043-1100
   / / /\ /      Phone: 415-688-9151
    / \\ \       Email: mark.graff () Sun COM
     \ \\               security-alert () sun com
      \/

Current thread:

Re: Patch for 8lgm syslog/sendmail vulnerability, 4.4lite machines Don Lewis (Aug 29)
- <Possible follow-ups>
- Re: Patch for 8lgm syslog/sendmail vulnerability, 4.4lite machines Mark Graff (Aug 30)