Re: Sendmail details ?

Timothy Newsham (newsham@wiliki.eng.hawaii.edu)
Thu, 7 Apr 1994 18:43:33 -1000 (HST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Perry E. Metzger: "[rick@msc.cornell.edu: AFS 3.3 ftpd security problem]"
Previous message: Karl Strickland: "Re: Sendmail details ?"
In reply to: Manish N. Dharwadker: "Sendmail details ?"

> How about sum details regarding how sendmail -d can be abused to get root access
> ? I wud really appreciate it if the ppl. on this list got more technical and
> less full of B***S**t .... this is not a CERT list or sumthing . so let us be open.
> 
> I have had problems in the past with sendmail (the pipe to program disaster), and
> wud like to be on the right side of the fence for once.
> 
> Thanx,
> 
> Manish.
> 

This mail is dated Mar 16 so maybe it wasnt released back then but
there was a full technical discussion of this hole as well as a
sample exploit script posted.

Next message: Perry E. Metzger: "[rick@msc.cornell.edu: AFS 3.3 ftpd security problem]"
Previous message: Karl Strickland: "Re: Sendmail details ?"
In reply to: Manish N. Dharwadker: "Sendmail details ?"