[29172] in bugtraq
Re: Sendmail testing tool.
daemon@ATHENA.MIT.EDU (David Huecking)
Tue Mar 4 15:52:45 2003
From: David Huecking <d.huecking@gmx.net>
To: bugtraq@securityfocus.com
Date: Tue, 4 Mar 2003 21:32:47 +0100
In-Reply-To: <Pine.LNX.4.44.0303032332150.25833-100000@Temple.Syrinx.Org>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
Content-Disposition: inline
Message-Id: <200303042132.47407.d.huecking@gmx.net>
Seen on
http://www.sendmail.org/patchcr.html
To check whether the new sendmail binary contains the patch, run this command
(in the directory where the binary is located):
strings sendmail | grep 'Dropped invalid comments from header address'
The command must print the string
Dropped invalid comments from header address
On Dienstag, 4. März 2003 00:34, Jon Larabee wrote:
> Sorry for my ignorance as I have just patched sendmail for the currently
> new vunerability in 8.12.7 and below. Is there a test tool yet so that I
> could verify that the patch took and that the exploit has been taken care
> of?
--
Eat, sleep and go running,
David Huecking.
Encrypted eMail welcome!
GnuPG/ PGP-Key: 0x57809216. Fingerprint:
3DF2 CBE0 DFAA 4164 02C2 4E2A E005 8DF7 5780 9216
