Bugtraq mailing list archives
Re: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).
From: reece () taz nceye net (Bryan Reece)
Date: Sun, 17 Nov 1996 19:19:43 -0000
From: Alan Brown <alan () manawatu gen nz> How many of these exploits are thwarted by setting sendmail.cf's O RunAsUser=postmaster switch, making /var/spool/mail and var/spool/mqueue 664 postmaster.mail and giving postmaster a shell of /bin/false (C version, compiled -Bstatic.) Not quite as many as simply getting rid of sendmail and using something else. Has there ever been a security-related problem with qmail?
Current thread:
- Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). Leshka Zakharoff (Nov 15)
- Re: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). Kari E. Hurtta (Nov 17)
- Re: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). Alan Brown (Nov 17)
- Digital Unix v3.x (v4.x?) security vulnerability Eric Augustus (Nov 16)
- Re: Digital Unix v3.x (v4.x?) security vulnerability hj () globecom net (Nov 17)
- Re: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). Bryan Reece (Nov 17)
- Re: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). Simon Karpen (Nov 17)
- Magic password of some linux-box(Hardware..) Seo Euiseong (Nov 17)
- rplayd on HPUX 10.1 Henrik P Johnson (Nov 19)
- Re: BoS: Magic password of some linux-box(Hardware..) Sergiu Popovici (Nov 19)
- Re: BoS: Magic password of some linux-box(Hardware..) Sergei A. Golubchik (Nov 19)
- Irix: root exploit for LicenseManager Yuri Volobuev (Nov 19)
- Re: BoS: Magic password of some linux-box(Hardware..) moost () xs4all nl (Nov 20)
- Ascend Killer Program Aleph One (Nov 17)
- Serious hole in Solaris 2.5[.1] gethostbyname() (exploit included) Jeremy Elson (Nov 18)
- Re: Serious hole in Solaris 2.5[.1] gethostbyname() (exploit Craig Raskin (Nov 18)
- Digital Unix v3.x (v4.x?) security vulnerability Eric Augustus (Nov 16)