[1378] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Sendmail bug

daemon@ATHENA.MIT.EDU (Horvath Andras)
Thu Jan 16 07:05:55 1997

Date: Wed, 15 Jan 1997 16:57:43 +0100 (MET)
From: Horvath Andras <raas@balu.sch.bme.hu>
Reply-To: Horvath Andras <raas@balu.sch.bme.hu>
To: linux-security@redhat.com
In-Reply-To: <199701132306.RAA25380@oak.zilker.net>
Resent-From: linux-security@redhat.com

Hi,

I have recently heard of a remote root exploit in sendmail-8.8.4, but nor
this list neither bugtraq had talked about the problem. Is there REALLY a
bug, or is this just a false fire?

I changed to qmail anyway which, I realised, suits my needs much better.

To the xinetd thread: I use xinetd, and found it much more secure than the
simple inetd. I haven't tried, but maybe you can still filter
things through tcp-wrappers with 

	server=/usr/sbin/tcpd
	server_args=/here/or/there/whatever

if there any need or use :)

Regards,
	raas


home help back first fref pref prev next nref lref last post