Bugtraq mailing list archives
Re: Sendmail 8.8.x/8.9.x bugware
From: lcamtuf () IDS PL (Michal Zalewski)
Date: Mon, 18 Jan 1999 18:04:08 +0100
On Mon, 18 Jan 1999, Olaf Seibert wrote:
> 550 <rhialto () hacker some place else@victim.some.where>... Relaying denied
As you noticed, relaying is denied in your configuration ;P This attack is possible if relaying is enabled, and it allows multiple redirections through protected or external networks, which shouldn't be allowed.

For clearance - this problem IS PRESENT FOR SURE in 8.9.2, as well as the DoS attack described in the previous mail... If Sendmail developers don't believe me, I can post an exploit here, but it isn't really necessary, imho....

_______________________________________________________________________
Michal Zalewski [lcamtuf () ids pl] [ENSI / marchew] [dione.ids.pl SYSADM]
[http://linux.lepszy.od.kobiety.pl/~lcamtuf/] <=--=> bash$ :(){ :|:&};:
[voice phone: +48 (0) 22 813 25 86] ? [pager (MetroBip): 0 642 222 813]
To iterate is human, to recurse divine [P. Deutsch]