Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: sendmail vunerability?
From: Timo Sirainen <tss () iki fi>
Date: 29 Mar 2003 09:52:29 +0200

On Wed, 2003-11-19 at 14:55, nag wrote:
there is some rumor spreading about new sendmail vulnerability. i do not see
any news at www.sendmail.org but supposedly ths is remote buffer overflow.
i received the patch (see below), but o not have any exploit, so please
don't mail me about it.

does this look legitimate? any comments? is this something old? is
this some scam backdoor?

Assuming the address can contain high-ascii characters and it can be
more than twice as long as pvpbsize, this is exploitable. I don't know
if those conditions are prevented anywhere. Pretty interesting hole
anyway, took a while to figure it out.

Another problem may be that it calls isspace() and isascii() for
negative values. Some systems don't like that.

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]