Re: Sendmail 8.6.12 hole & smrsh

Casper Dik (casper@Holland.Sun.COM)
Thu, 12 Oct 1995 15:16:38 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Paul Ferguson: "Edupage, 12 October 1995 (fwd)"
Previous message: Janis Lacis: "Sendmail 8.6.12 hole & smrsh"
In reply to: Janis Lacis: "Sendmail 8.6.12 hole & smrsh"

>>Who knows what the root-shell-giving security hole is in Sendmail 8.6.12
>>that was incompletely patched in 8.7, and (supposedly) finally patched
>>in 8.7.1?
>
>I wonder if the attack is still possible if there is a "smrsh" shell
>installed instead of "sh" in sendmail.cf ?


Yes.  The syslog() hole exploits don't care whether you have installed
smrsh or not.  The only thing that helps is a patched syslog(),
something you'll need anyway for your other daemons, or sendmail 8.7.1
and that only works if you have a syslog() with an internal buffersize
with 1024 bytes (i.e., if you haev a smaller interner buffer, you
may be out of luck anyway)

Casper

Next message: Paul Ferguson: "Edupage, 12 October 1995 (fwd)"
Previous message: Janis Lacis: "Sendmail 8.6.12 hole & smrsh"
In reply to: Janis Lacis: "Sendmail 8.6.12 hole & smrsh"