[3961] in bugtraq
BoS: Re: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). (fwd)
daemon@ATHENA.MIT.EDU (Helmut Springer)
Sun Jan 26 06:18:32 1997
Date: Sat, 16 Nov 1996 14:29:47 +0100
Reply-To: Helmut Springer <delta@RUS.UNI-STUTTGART.DE>
From: Helmut Springer <delta@RUS.UNI-STUTTGART.DE>
To: BUGTRAQ@netspace.org
Ade Barkah wrote:
From daemon Sat Nov 16 10:41:47 1996
Resent-Date: Sat, 16 Nov 1996 20:23:43 +1100
Old-X-Envelope-From: mbarkah@hemi.com Sat Nov 16 19:00:23 1996
From: Ade Barkah <mbarkah@hemi.com>
Message-Id: <199611160759.AAA09428@hemi.com>
To: security-officer@freebsd.org
Date: Sat, 16 Nov 1996 00:59:43 -0700 (MST)
Cc: best-of-security@suburbia.net
In-Reply-To: <199611160110.EAA04168@leshka.chuvashia.su> from "Leshka Zakharoff" at Nov 16, 96 04:10:16 am
X-Mailer: ELM [version 2.4 PL24]
Content-Type: text
Approved: proff@suburbia.net
Resent-Message-ID: <"CRpMg2.0.7v2.TWOZo"@suburbia>
Resent-From: best-of-security@suburbia.net
X-Mailing-List: <best-of-security@suburbia.net> archive/latest/508
X-Loop: best-of-security@suburbia.net
Precedence: list
Resent-Sender: best-of-security-request@suburbia.net
Subject: BoS: Re: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).
> # This is exploit for sendmail smtpd bug
> # (ver. 8.7-8.8.2 for FreeBSD, Linux and may be other platforms).
Being very early in the morning on a Friday night and not having
time yet to really look at the problem, below is my quick hack that
appears to solve the problem (note, this *is* a hack, but at least
it will deter naive users with the exploit script). The patch is
relative to 8.8.2.
Regards,
-Ade Barkah
ps. We don't use a smtpd link anyway.
-------------------------------------------------------------------
Inet: mbarkah@hemi.com - HEMISPHERE ONLINE - <http://www.hemi.com/>
-------------------------------------------------------------------
*** main.c.orig Sat Nov 16 00:51:39 1996
--- main.c Sat Nov 16 00:51:39 1996
***************
*** 496,503 ****
--- 496,505 ----
OpMode = MD_INITALIAS;
else if (strcmp(p, "mailq") == 0)
OpMode = MD_PRINT;
+ /*
else if (strcmp(p, "smtpd") == 0)
OpMode = MD_DAEMON;
+ */
else if (strcmp(p, "hoststat") == 0)
OpMode = MD_HOSTSTAT;
else if (strcmp(p, "purgestat") == 0)
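Review bot: the comment markers around the "smtpd" branch (new lines 499-502) switch the branch off without recording why, and they only remove the program-name route to OpMode = MD_DAEMON. Nothing in this hunk adds a check on who may enter that mode, so this is a stopgap and not a fix, as the message itself says. Suggest either deleting the two lines or wrapping them in #if 0 / #endif, with a one-line comment naming the smtpd exploit as the reason. A block comment here will end early if anyone later adds a comment inside the disabled lines.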
--
helmut 'delta' springer Unix/Net Consulting, InfoSystems, StudBox
delta@RUS.Uni-Stuttgart.DE Stuttgart University, FRG
http://home.pages.de/~delta/
phone : +49 711 685-2003 "Freedom's just another word for
FAX : +49 711 685-2043 nothing left to lose" Kris Kristofferson