Re: CERT Alert on new sendmail bug - any info?

neillegless.demon.co.uk

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Paul Ashton: "Re: BUGTRAQ ALERT: Solaris 2.x vulnerability"
• Previous message: Ben Golding: "Re: CERT Alert on new sendmail bug - any info?"
• In reply to: Dr. Frederick B. Cohen: "CERT Alert on new sendmail bug - any info?"
• Next in thread: Dr. Frederick B. Cohen: "Re: CERT Alert on new sendmail bug - any info?"

>
> I just got the new sendmail bug alert from CERT, and of course
> it may affect my configuration - which leads to the question, does
> anybody know what the problem is so I can temporarily defend my system?
>
> --
> -> See: Info-Sec Heaven at URL http://all.net
> Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
>

You could try using something like SATAN to test your sendmail
configuration (although I haven't tried it personally).

Also I seem to remember there was a web site advertised a while back
which offers a scanning service to probe your site for known bugs.
Looking back thru bugtraq archives should reveal the page.

Cheers,

Neil
--
Let the Mystery Be, So Watcha Want, Longing In Their Hearts, Hate My Way,
M-Bike, Safari, Uncle June and Aunt Kiyoti, Daisy Dead Petals, Tuff Gnarl.

     ...like a badger with an afro throwing sparklers at the Pope...

• Next message: Paul Ashton: "Re: BUGTRAQ ALERT: Solaris 2.x vulnerability"
• Previous message: Ben Golding: "Re: CERT Alert on new sendmail bug - any info?"
• In reply to: Dr. Frederick B. Cohen: "CERT Alert on new sendmail bug - any info?"
• Next in thread: Dr. Frederick B. Cohen: "Re: CERT Alert on new sendmail bug - any info?"