>Who knows what the root-shell-giving security hole is in Sendmail 8.6.12 >that was incompletely patched in 8.7, and (supposedly) finally patched >in 8.7.1? It's just syslog() overruning the stack again. There's also another problem which causes the datas segment to be overrun, but that's not as easy to abuse (if at all). Casper