> How about sum details regarding how sendmail -d can be abused to get root access > ? I wud really appreciate it if the ppl. on this list got more technical and > less full of B***S**t .... this is not a CERT list or sumthing . so let us be open. > > I have had problems in the past with sendmail (the pipe to program disaster), and > wud like to be on the right side of the fence for once. > > Thanx, > > Manish. > This mail is dated Mar 16 so maybe it wasnt released back then but there was a full technical discussion of this hole as well as a sample exploit script posted.