<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Bugtraq: Sendmail 8.6.12 hole & smrsh

Sendmail 8.6.12 hole & smrsh

From: Janis Lacis <janis_at_MII.LU.LV>
Date: Thu, 12 Oct 1995 14:01:09 -0200

>Who knows what the root-shell-giving security hole is in Sendmail 8.6.12
>that was incompletely patched in 8.7, and (supposedly) finally patched
>in 8.7.1?

I wonder if the attack is still possible if there is a "smrsh" shell
installed instead of "sh" in sendmail.cf ?

-- Janis Lacis, LATNET administrator,
  Institute of Mathematics
           and Computer Science,
  University of Latvia
  Rainis boulevard 29, Riga Phone: +3712-212427
  LV-1459,Latvia Fax: +3718-820153
                   E-mail: janis_at_mii.lu.lv
==========================================================================
Received on Oct 12 1995

This message: [ Message body ]
Next message: Casper Dik: "Re: Sendmail 8.6.12 hole & smrsh"
Previous message: Frank Stuart: "Re: Netscape problems (again)..."
Maybe in reply to: Jay 'Whip' Grizzard: "Netscape problems (again)..."
Next in thread: Casper Dik: "Re: Sendmail 8.6.12 hole & smrsh"
Reply: Casper Dik: "Re: Sendmail 8.6.12 hole & smrsh"
Reply: Paul Ferguson: "Edupage, 12 October 1995 (fwd)"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]