Re: sendmail exploit script - resend

Pat Myrto (ole!rwing!pat@nwnexus.wa.com)
Sun, 27 Mar 94 18:07:32 PST

Thanks for making how that sendmail bug works clear to people such as myself.
Someone must have really spent some time working on that attack - i.e.,
DETERMINED.

While I cannot think of a way to ensure one does not put a similar
bug in programs, it does illustrate a need for checking all arguments
for range, including values < 0 or doing tests as unsigned values before
actually applying them to variables in the program.  Perhaps some people
can describe techniques to minimize such vulnerabilities - I doubt if they
can be totally blocked, just like one cannot be sure all bugs are out
of code and it will work as planned...

What is beyond me is how one figured OUT that attack in the first place,
and put it together.  Amazing.  And scary when one thinks there are
folks out there with OS source code who can look for similar vulnerabilities
in that code to apply in a like manner.

This does give an illustration of just what people will do to break in
where they shouldn't be.
-- 
pat@rwing  [If all fails, try:  rwing!pat@ole.cdac.com]  Pat Myrto - Seattle WA
"No one has the right to destroy another person's belief by demanding
empirical evidence."  --   Ann Landers, nationally syndicated advice columnist
and Director at Handgun Control Inc.
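
The range check the message above asks for (rejecting values < 0, or doing the test as unsigned, before the value is applied) can be sketched in C as follows. This is an added example, not part of the original message and not sendmail's code; the names NFLAGS, flags, weak_check, index_in_range and set_flag are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

#define NFLAGS 100                  /* constructed table size (assumption) */
static unsigned char flags[NFLAGS]; /* hypothetical table indexed by user input */

/* Weak form: only the upper bound is tested, so idx = -5 is accepted. */
int weak_check(long idx) { return idx < NFLAGS; }

/* Test done as unsigned: a negative idx converts to a very large unsigned
 * value, so one comparison rejects both idx < 0 and idx >= NFLAGS. */
int index_in_range(long idx)
{
    return (unsigned long)idx < (unsigned long)NFLAGS;
}

/* Parse a decimal argument and store level at flags[idx] only after every
 * check passes. Returns 0 on success, -1 if the argument is rejected. */
int set_flag(const char *arg, unsigned char level)
{
    char *end;
    long idx;

    errno = 0;
    idx = strtol(arg, &end, 10);
    if (end == arg || *end != '\0') /* empty string or trailing junk */
        return -1;
    if (errno == ERANGE)            /* value did not fit in a long */
        return -1;
    if (!index_in_range(idx))       /* negative or past the end of the table */
        return -1;
    flags[idx] = level;
    return 0;
}

int main(void)
{
    /* Constructed sample arguments. */
    const char *samples[] = { "7", "-1", "100", "12x" };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-4s -> %s\n", samples[i],
               set_flag(samples[i], 1) == 0 ? "stored" : "rejected");
    printf("weak_check(-5) = %d, index_in_range(-5) = %d\n",
           weak_check(-5), index_in_range(-5));
    return 0;
}
```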