Re: Sendmail details ?

newshamwiliki.eng.hawaii.edu

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Perry E. Metzger: "[rickmsc.cornell.edu: AFS 3.3 ftpd security problem]"
• Previous message: Karl Strickland: "Re: Sendmail details ?"

> How about sum details regarding how sendmail -d can be abused to get root access
> ? I wud really appreciate it if the ppl. on this list got more technical and
> less full of B***S**t .... this is not a CERT list or sumthing . so let us be open.
> 
> I have had problems in the past with sendmail (the pipe to program disaster), and
> wud like to be on the right side of the fence for once.
> 
> Thanx,
> 
> Manish.
> 

This mail is dated Mar 16 so maybe it wasnt released back then but
there was a full technical discussion of this hole as well as a
sample exploit script posted.  

• Next message: Perry E. Metzger: "[rickmsc.cornell.edu: AFS 3.3 ftpd security problem]"
• Previous message: Karl Strickland: "Re: Sendmail details ?"