[1378] in linux-security and linux-alert archive
[linux-security] Sendmail bug
daemon@ATHENA.MIT.EDU (Horvath Andras)
Thu Jan 16 07:05:55 1997
Date: Wed, 15 Jan 1997 16:57:43 +0100 (MET)
From: Horvath Andras <raas@balu.sch.bme.hu>
Reply-To: Horvath Andras <raas@balu.sch.bme.hu>
To: linux-security@redhat.com
In-Reply-To: <199701132306.RAA25380@oak.zilker.net>
Resent-From: linux-security@redhat.com
Hi,
I have recently heard of a remote root exploit in sendmail-8.8.4, but nor
this list neither bugtraq had talked about the problem. Is there REALLY a
bug, or is this just a false fire?
I changed to qmail anyway which, I realised, suits my needs much better.
To the xinetd thread: I use xinetd, and found it much more secure than the
simple inetd. I haven't tried, but maybe you can still filter
things through tcp-wrappers with
server=/usr/sbin/tcpd
server_args=/here/or/there/whatever
if there any need or use :)
Regards,
raas