Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

sendmail vunerability?
From: "nag" <malazaba () o2 pl>
Date: Tue, 19 Nov 2003 13:55:40 +0100

charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000

there is some rumor spreading about new sendmail vulnerability. i do not see
any news at www.sendmail.org but supposedly ths is remote buffer overflow.
i received the patch (see below), but o not have any exploit, so please
don't mail me about it.

does this look legitimate? any comments? is this something old? is
this some scam backdoor?

--- parseaddr.c 18 Jan 2003 00:41:48 -0000 8.359.2.4
+++ parseaddr.c 20 Mar 2003 12:20:43 -0000

@@ -709,7 +710,7 @@
}

/* read a new input character bin/ mail/ public_html/ src/ tmp/
- c = *p++;
+ c = (unsigned char)(*p++);
if (c == '\0')
{
/* diagnose and patch up bad syntax bin/ mail/ public_html/ src/ tmp/

-----------
--- nag ---
-----------
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]