[89549] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Sat Mar 25 00:58:01 2006

Date: Sat, 25 Mar 2006 00:57:31 -0500
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: Gadi Evron <ge@linuxbox.org>
Cc: Valdis.Kletnieks@vt.edu, nanog@merit.edu
In-Reply-To: <4424AD4F.7000908@linuxbox.org>
Errors-To: owner-nanog@merit.edu

On Sat, 25 Mar 2006 04:39:11 +0200, Gadi Evron <ge@linuxbox.org> wrote:

> 
> Valdis.Kletnieks@vt.edu wrote:
> > Well, it *is* mostly a theoretical overflow - for it to work, a site would have to:
> 
> Exploit is out there. How long did that take?
> 
Is the exploit actually effective in the wild?  The conditions Valdis
spoke of are improbable -- are there actually vulnerable sites?  Or is
the attack much easier than he had indicated?

		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[89549] in North American Network Operators' Group

Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)Sat Mar 25 00:58:01 2006

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Sat Mar 25 00:58:01 2006