[2298] in bugtraq


Re: Sendmail 8.7, 8.7.1

daemon@ATHENA.MIT.EDU (Andrew Cameron)
Tue Oct 10 16:47:15 1995

Date:         Tue, 10 Oct 1995 21:17:33 +0200
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: Andrew Cameron <andrew@andy.alt.za>
X-To:         Bugtraq List <BUGTRAQ@CRIMELAB.COM>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
In-Reply-To:  <9510100815.AA15978@aft-ms.Holland.Sun.COM>

On Tue, 10 Oct 1995, Casper Dik wrote:

> >Who knows what the root-shell-giving security hole is in Sendmail 8.6.12
> >that was incompletely patched in 8.7, and (supposedly) finally patched
> >in 8.7.1?
>
> It's just syslog() overrunning the stack again.  There's also another problem
> which causes the data segment to be overrun, but that's not as easy
> to abuse (if at all).
>
> Casper
>
When is someone going to make the code available to verify the Syslog bug
for SunOS 4.1.3?

I have a person at work who refuses to apply the patches to his SunOS
system until we can prove to him that a bug exists.

-----------------------------------------------------------------------------

Andrew Cameron
Internet : andrew@andy.alt.za
X.400    : C=ZA G=Andrew S=Cameron Admd=TELKOM400

----------------------------------------------------------------------------
