Re: new sendmail bug?

Quentin Fennessy (Quentin.Fennessy@SEMATECH.Org)
Thu, 23 Feb 1995 13:19:05 -0600

Michael Van Norman <mvn@Library.UCLA.EDU> said:

> The method I exploited was that of using newlines in the command
> options.  By imbedding newlines in the recipient address, it is
> possible to write extra lines to sendmail's queue file.  Carefully
> chosen additions will let you run an arbitrary program as an arbitrary
> user (except maybe root -- I cracked bin).

That is good news, Michael.  Seeing as this is a full-disclosure
list, would you please publish details so we can test our own systems?
After all, computer science is an experimental science...

Quentin Fennessy
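
The class of bug described in the quoted message (a newline inside an address splitting one record into two in a line-oriented spool file), shown as an added example that is not part of the original thread and is not sendmail code. The record format, function names and sample addresses are hypothetical and constructed for illustration; the checked writer shows the mitigation of rejecting control characters before anything is written.

```c
#include <stdio.h>
#include <ctype.h>

/* Hypothetical line-oriented spool format (NOT sendmail's real queue-file
 * layout): one record per line, first byte is the record type. */

/* Naive writer: copies the address verbatim, so an embedded newline ends
 * the recipient record early and starts a second record. */
static void write_rcpt_naive(char *buf, size_t n, const char *addr) {
    snprintf(buf, n, "R%s\n", addr);
}

/* Checked writer: refuses any address containing a control character
 * (CR, LF, tab, ...) and any address that would be truncated. */
static int write_rcpt_checked(char *buf, size_t n, const char *addr) {
    for (const unsigned char *p = (const unsigned char *)addr; *p; p++)
        if (iscntrl(*p))
            return -1;                          /* reject, write nothing */
    int len = snprintf(buf, n, "R%s\n", addr);
    return (len < 0 || (size_t)len >= n) ? -1 : 0;
}

/* Count the records a line-based reader would see in the buffer. */
static int count_records(const char *buf) {
    int lines = 0;
    for (; *buf; buf++)
        if (*buf == '\n')
            lines++;
    return lines;
}

/* Constructed sample inputs. */
static const char *GOOD_ADDR = "alice@example.org";
static const char *BAD_ADDR  = "alice@example.org\nXextra-record";

/* One address in, number of records out, using the naive writer. */
int demo_naive_records(void) {
    char buf[256];
    write_rcpt_naive(buf, sizeof buf, BAD_ADDR);
    return count_records(buf);
}

/* Returns the record count on success, -1 if the address was rejected. */
int demo_checked(const char *addr) {
    char buf[256] = "";
    int rc = write_rcpt_checked(buf, sizeof buf, addr);
    return rc == 0 ? count_records(buf) : rc;
}

int main(void) {
    printf("naive: %d records\n", demo_naive_records());
    printf("checked: good=%d bad=%d\n", demo_checked(GOOD_ADDR), demo_checked(BAD_ADDR));
    return 0;
}
```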