[3093] in WWW Security List Archive
Re: About "CIA Web Page Hacked"
daemon@ATHENA.MIT.EDU (hallam@ai.mit.edu)
Thu Sep 26 14:30:59 1996
From: hallam@ai.mit.edu
To: adam@homeport.org
Cc: hallam@ai.mit.edu, WWW-SECURITY@ns2.rutgers.edu
In-Reply-To: Your message of "Thu, 26 Sep 96 07:19:40 CDT."
<199609261219.HAA03543@homeport.org>
Date: Thu, 26 Sep 96 12:10:12 -0400
Errors-To: owner-www-security@ns2.rutgers.edu
> Read the
>numerous CERT sendmail advisories, looking for 'not affected' lines.
>There aren't many. Most vendors add 'features' not security.
CERT listed many platforms which I know for a fact do not ship
any recent version. I have just installed vesions 3.2C,D, G and
version 4.0 of Digital UNIX and they all came up with sendmail 5.65
Mind you Dec tend to be better than most. There are vendors that
ship the latest sendmail but they tend to be the ones whose product
I wouldn't touch with a bargepole either.
> I'm looking at qmail, but have yet to find time for a formal
>review of it, and worry about a program with a low revision number.
I've been hearing good things about PDMF. I may try an install.
Phill
