[2045] in bugtraq
Re: SM 8.6.12
daemon@ATHENA.MIT.EDU (Mark A. Fullmer)
Thu Jul 13 18:43:44 1995
Date: Thu, 13 Jul 1995 10:02:02 -0400
Reply-To: maf@net.ohio-state.edu
From: "Mark A. Fullmer" <maf@net.ohio-state.edu>
X-To: BUGTRAQ@CRIMELAB.COM
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
In-Reply-To: <199507080906.CAA15574@statler.csc.calpoly.edu> from "Nathan
Lawson" at Jul 8, 95 02:06:53 am
Nathan Lawson writes:
>
>I would like to know if anyone has heard of the newest holes in sendmail 8.6.12.
>My details are sketchy, but once again, there is a remote, as well as local
>hole.
>
>Sendmail is convenient; convenience is evil!
A few weeks at the Cisco Networkers conference Bill Cheswick hinted at
a new found sendmail security problem in 8.6.12 which Eric had fixed in 8.7.
The 8.7 release notes contain:
SECURITY: avoid denial-of-service attacks possible by destroying
the alias database file by setting resource limits low.
This involves adding two new compile-time options:
HASSETRLIMIT (indicating that setrlimit(2) support is
available) and HASULIMIT (indicating that ulimit(2) support
is available -- the Release 3 form is used). The former
is assumed on BSD-based systems, the latter on System
V-based systems. Attack noted by Phil Brandenberger of
Swarthmore University.
Is this the problem, or is it worse? Eric?
--
mark
maf+@osu.edu
