Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Sendmail 8.6.12 hole & smrsh
From: janis () MII LU LV (Janis Lacis)
Date: Thu, 12 Oct 1995 14:01:09 -0200


Who knows what the root-shell-giving security hole is in Sendmail 8.6.12
that was incompletely patched in 8.7, and (supposedly) finally patched
in 8.7.1?


I wonder if the attack is still possible if there is a "smrsh" shell
installed instead of "sh" in sendmail.cf ?

--     Janis Lacis, LATNET administrator,
  Institute of Mathematics
           and Computer Science,
  University of Latvia
  Rainis boulevard 29, Riga                Phone: +3712-212427
  LV-1459,Latvia                             Fax: +3718-820153
                   E-mail: janis () mii lu lv
==========================================================================

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]