|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Security problem in sendmail versions 8.x.x
Greg Woods (woods
ncar.ucar.edu)Wed, 16 Mar 94 10:02:24 MST
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Rafi Sadowsky: "Re: rdist"
- Previous message: jddcdf.toronto.edu: "Re: Sendmail hole"
- In reply to: Benjamin Cline: "Security problem in sendmail versions 8.x.x"
My understanding is that the latest sendmail problem involves use of very large numbers (larger than the maximum value of a signed int but smaller than the max value of unsigned int) to the -d flag, which results in overwriting locations in memory before the debug array. It looks to me like this requires quite a bit of sophistication to exploit, but of course we all know that it won't be long before all the serious crackers know how to make use of it. The hole will allow an ordinary user already logged on to become root; there is no evidence that it can be exploited over an SMTP connection. --Greg
- Next message: Rafi Sadowsky: "Re: rdist"
- Previous message: jddcdf.toronto.edu: "Re: Sendmail hole"
- In reply to: Benjamin Cline: "Security problem in sendmail versions 8.x.x"