Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1994_1

Bugtraq archives for 1st quarter (Jan-Mar) 1994: anyone know details?

anyone know details?

Perry E. Metzger (pmetzgerlehman.com)
Tue, 15 Mar 1994 14:58:10 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Perry E. Metzger: "so..."
Previous message: *Hobbit*: "rdist"

Xref: lehman.com comp.mail.sendmail:11850 comp.security.unix:3365
Path: lehman.com!uupsi!psinntp!news.columbia.edu!sol.ctr.columbia.edu!howland.reston.ans.net!agate!CS.Berkeley.EDU!eric
From: ericCS.Berkeley.EDU (Eric Allman)
Newsgroups: comp.mail.sendmail,comp.security.unix
Subject: sendmail 8.6.7 released
Date: 14 Mar 1994 17:52:56 GMT
Organization: UC Berkeley Mammoth Project
Lines: 11
Sender: ericmastodon.CS.Berkeley.EDU (Eric Allman)
Distribution: world
Message-Id: <2m289o$creagate.berkeley.edu>
Reply-To: ericCS.Berkeley.EDU
NNTP-Posting-Host: mastodon.cs.berkeley.edu

I regret that someone reported a nasty security problem to me less
that 24 hours after I released sendmail 8.6.6.  This bug is present
in all sendmail version 8 versions prior to 8.6.7, as well as in
many vendor versions.  It does not exist in IDA sendmail.  I urge
you to upgrade before the cracker scripts start circulating around
the network.  Sorry for the inconvenience -- I only heard about this
an hour ago myself.

Sendmail 8.6.7 is available on FTP.CS.Berkeley.EDU in /ucb/sendmail.

eric

Next message: Perry E. Metzger: "so..."
Previous message: *Hobbit*: "rdist"