Hi there..
> In August last year 8LGM released an advisory warning about a syslog
> vulnerability. Something to do with a buffer overflow and passing commands
> to a remote site. The advisory said that exploit would not be released yet,
> in order to give time to vendors to issue patches. Now I understand that
> some vendors are pretty slow in acknowledging security problems but it
> sounds like they had enough time by now.
> Anyone considering posting details on this full disclosure list ?
the sendmail_wrapper.c was updated to prevent this bug, thats about it I
know about sendmail, if you're looking for cure, get this wrapper, it can
be found at any sendmail site. Hope it helps...
Best regards, Gunni...
gunni_at_if.is
=========================================================================
Gunnar Ingvi Þórisson E-Mail address: gunni_at_if.is
Kerfisstjóri, system administrator
Íslensk forritaþróun hf.
Suðurlandsbraut 4, IS-108 Reykjavík, Ísland
Sími: (+354) 588-1511 Fax: (+354) 588-8728
=========================================================================
Received on Jun 25 1996
Intro
