Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: Sendmail 8.7, 8.7.1
From: andrew () andy alt za (Andrew Cameron)
Date: Tue, 10 Oct 1995 21:17:33 +0200

On Tue, 10 Oct 1995, Casper Dik wrote:


Who knows what the root-shell-giving security hole is in Sendmail 8.6.12
that was incompletely patched in 8.7, and (supposedly) finally patched
in 8.7.1?


It's just syslog() overruning the stack again.  There's also another problem
which causes the datas segment to be overrun, but that's not as easy
to abuse (if at all).

Casper


When is someone going to make the code available to verify the Syslog bug
for Sunos 4.1.3

I have a person at work who refuses to apply the patches to his Sunos
System until we can prove to him that a bug exists.

-----------------------------------------------------------------------------

Andrew Cameron
Internet: andrew () andy alt za
X.400: C=ZA G=Andrew S=Cameron Admd=TELKOM400

----------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]