Sendmail hole ?

Manish N. Dharwadker (manish@cast.uark.edu)
Fri, 8 Apr 94 8:48:41 CDT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Keith Bostic: "Re: patch for the race condition security problem in /bin/mail"
Previous message: Perry E. Metzger: "[rick@msc.cornell.edu: AFS 3.3 ftpd security problem]"
Next in thread: Pat Myrto: "Re: Sendmail hole ?"

> 
> 
> How about sum details regarding how sendmail -d can be abused to get root access
> ? I wud really appreciate it if the ppl. on this list got more technical and
> less full of B***S**t .... this is not a CERT list or sumthing . so let us be open.
> 
> I have had problems in the past with sendmail (the pipe to program disaster), and
> wud like to be on the right side of the fence for once.
> 
> Thanx,
> 
> Manish.
> 

Excuse me for upsetting the sensiblilities of ppl. on this list but this
was posted to the list on march 16 when no details were available.

Subsequently I got the details and have archived them.

I really think that details should be posted as soon as possible as
I have been a victim of a alleged p0sse rm -rf and a lame system
administrator.

-- Manish.

Next message: Keith Bostic: "Re: patch for the race condition security problem in /bin/mail"
Previous message: Perry E. Metzger: "[rick@msc.cornell.edu: AFS 3.3 ftpd security problem]"
Next in thread: Pat Myrto: "Re: Sendmail hole ?"