Re: Sendmail 8.6.10: what's different?

Peter Wemm (peter@haywire.DIALix.COM)
Fri, 24 Feb 1995 20:16:42 +0800 (WST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Christian Wettergren: "Re: Sendmail 8.6.10: what's different?"
Previous message: Thomas Lopatic: "Re: NCSA httpd 1.3"
In reply to: Igor V. Semenyuk: "Re: Sendmail 8.6.10: what's different?"
Next in thread: Peter Wemm: "Re: Sendmail 8.6.10: what's different?"

On Fri, 24 Feb 1995, Igor V. Semenyuk wrote:
> 
> Does anyone know if IDA sendmail is vulnerable? CERT advisory
> doesn't mention it - is it because IDA considered obsoleted or
> because it is clean?

One would be safer to assume it is vulnerable until it's proven safe...  

Eric did say "probably all sendmail's, including most vendor's version 5 
derived ones" - IDA is a version 5 sendmail derivative too.

If it was fixed in IDA first, the chances are that somebody going through 
the RCS logs would have picked this up ages ago..

-Peter

Next message: Christian Wettergren: "Re: Sendmail 8.6.10: what's different?"
Previous message: Thomas Lopatic: "Re: NCSA httpd 1.3"
In reply to: Igor V. Semenyuk: "Re: Sendmail 8.6.10: what's different?"
Next in thread: Peter Wemm: "Re: Sendmail 8.6.10: what's different?"