Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq: Re: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).

Re: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).

From: Bryan Reece <reece_at_taz.nceye.net>
Date: Sun, 17 Nov 1996 19:19:43 -0000

From: Alan Brown <alan_at_manawatu.gen.nz>

   How many of these exploits are thwarted by setting sendmail.cf's
   O RunAsUser=postmaster switch, making /var/spool/mail and var/spool/mqueue
   664 postmaster.mail and giving postmaster a shell of /bin/false (C
   version, compiled -Bstatic.)

Not quite as many as simply getting rid of sendmail and using
something else. Has there ever been a security-related problem with
qmail?
Received on Nov 17 1996

This message: [ Message body ]
Next message: Eric Augustus: "Digital Unix v3.x (v4.x?) security vulnerability"
Previous message: Alan Brown: "Re: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2)."
In reply to: Alan Brown: "Re: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2)."
Next in thread: Simon Karpen: "Re: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2)."
Reply: Simon Karpen: "Re: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2)."
Reply: Aleph One: "Ascend Killer Program"
Reply: Jeremy Elson: "Serious hole in Solaris 2.5[.1] gethostbyname() (exploit included)"
Reply: Seo Euiseong: "Magic password of some linux-box(Hardware..)"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]