Full Disclosure mailing list archives
sendmail vunerability?
From: "nag" <malazaba () o2 pl>
Date: Tue, 19 Nov 2003 13:55:40 +0100
charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 there is some rumor spreading about new sendmail vulnerability. i do not see any news at www.sendmail.org but supposedly ths is remote buffer overflow. i received the patch (see below), but o not have any exploit, so please don't mail me about it. does this look legitimate? any comments? is this something old? is this some scam backdoor? --- parseaddr.c 18 Jan 2003 00:41:48 -0000 8.359.2.4 +++ parseaddr.c 20 Mar 2003 12:20:43 -0000 @@ -709,7 +710,7 @@ } /* read a new input character bin/ mail/ public_html/ src/ tmp/ - c = *p++; + c = (unsigned char)(*p++); if (c == '\0') { /* diagnose and patch up bad syntax bin/ mail/ public_html/ src/ tmp/ ----------- --- nag --- ----------- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- sendmail vunerability? nag (Mar 28)
- Re: sendmail vunerability? Timo Sirainen (Mar 29)