Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1995_4

Bugtraq archives for 4th quarter (Oct-Dec) 1995: Re: Sendmail 8.7, 8.7.1

Re: Sendmail 8.7, 8.7.1

Casper Dik (casperHolland.Sun.COM)
Tue, 10 Oct 1995 09:14:51 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: SnoCrash: "Re: Sendmail 8.7, 8.7.1"
Previous message: Charles Howes: "Sendmail 8.7, 8.7.1"
In reply to: Charles Howes: "Sendmail 8.7, 8.7.1"
Next in thread: SnoCrash: "Re: Sendmail 8.7, 8.7.1"

>Who knows what the root-shell-giving security hole is in Sendmail 8.6.12
>that was incompletely patched in 8.7, and (supposedly) finally patched
>in 8.7.1?

It's just syslog() overruning the stack again.  There's also another problem
which causes the datas segment to be overrun, but that's not as easy
to abuse (if at all).

Casper

Next message: SnoCrash: "Re: Sendmail 8.7, 8.7.1"
Previous message: Charles Howes: "Sendmail 8.7, 8.7.1"
In reply to: Charles Howes: "Sendmail 8.7, 8.7.1"
Next in thread: SnoCrash: "Re: Sendmail 8.7, 8.7.1"