Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
RE: [ISSForum] ISS Security Brief: Remote Sendmail Header Process ing Vulnerability
Date: Tue Mar 04 2003 - 05:16:50 CST
> as the RS signature was included in XPU 20.9 (released in January)
> why was the "official" advisory held back till now?
Presumably to allow folks to patch and release a secured version of
Sendmail. X-Force have been slated for pre-announcing vulnerabilities
in the past - this time they have waited and all credit for that.
There was no real detail in the XPU help file that would help to
write an exploit (I would not be surprised if it was deliberately
vague), but it is better to have done things this way around.
Robert Turner GCIA
Security Solutions Designer & Analyst
BT Secure Business Services
T: +44 (0)113 244 5951 F: +44 (0)113 244 5657
== # include std.disclaimer =====================================
British Telecommunications plc
Registered office: 81 Newgate Street London EC1A 7AJ
Registered in England no. 1800000
This electronic message contains information from British
Telecommunications plc which may be privileged or confidential.
The information is intended to be for the use of the individual(s)
or entity named above. If you are not the intended recipient be
aware that any disclosure, copying, distribution or use of the
contents of this information is prohibited. If you have received
this electronic message in error, please notify us by telephone
or email (to the numbers or address above) immediately.
Activity and use of the British Telecommunications plc E-mail
system is monitored to secure its effective operation and for
other lawful business purposes. Communications using this system
will also be monitored and may be recorded to secure effective
operation and for other lawful business purposes.
ISSForum mailing list
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo