Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: OpenServer 5.0.6 OpenServer 5.0.7 : Multiple Vulnerabilities in Sendmail
From: George Capehart <gwc () acm org>
Date: Thu, 29 Jul 2004 18:07:08 -0400

On Wednesday 28 July 2004 16:10, please_reply_to_security () sco com 
allegedly wrote:
_____________________________________________________________________
_________

                      SCO Security Advisory

Subject:              OpenServer 5.0.6 OpenServer 5.0.7 : Multiple
Vulnerabilities in Sendmail Advisory number:  SCOSA-2004.11
Issue date:           2004 July 28
Cross reference:      sr876461 fz527630 erg712277 CAN-2003-0161 CA-2003-12
                      sr884730 fz528323 erg712435 CAN-2003-0694 CA-2003-25
_____________________________________________________________________
_________


1. Problem Description

      CERT Advisory CA-2003-12

      There is a vulnerability in sendmail that can be exploited
      to cause a denial-of-service condition and could allow a
      remote attacker to execute arbitrary code with the privileges
      of the sendmail daemon, typically root.

This advisory was issued on March 29, 2003.  That was /*sixteen*/ MONTHS 
ago . . . C'mon, guys!

-- 
George W. Capehart

Key fingerprint:  3145 104D 9579 26DA DBC7  CDD0 9AE1 8C9C DD70 34EA

"With sufficient thrust, pigs fly just fine."  -- RFC 1925


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]