Bugtraq mailing list archives
Re: udp packet storms - ping death
From: bkelley () hpnmcldg cup hp com (Bob Kelley)
Date: Fri, 04 Nov 1994 9:47:03 PST
To test this, remove your aliases.pag and aliases.dir and run 'newaliases'. If the files reappear as 666, your sendmail is vulnerable. The default Sun 4.1.3_U1 sendmail is vulnerable and at the time I sent it in, Unicos sendmail was also vulnerable, as well as others, I'm sure. BTW: I sent this to CERT and CIAC over a year ago, and it doesn't appear to be fixed yet (at least not by Sun).Vendors aim to fix bugs within 15 years of them being reported. Just hang on in there and they'll get around to yours...
Hi, It isn't a problem in HP-UX 8.x or 9.x which are the versions that are supported (or the versions I at least claim to support.) I'm not claiming that we've addressed all network problems, but I am trying...in the past year, our HP sendmail has had about 6 patches covering maybe 60 issues so at this point I think we've addressed most of the pending sendmail security issues (I'm sure there are plenty more that I haven't heard of, sendmail being what it is.) flame away... Bob Kelley HP-UX Networking bkelley () cup hp com
Current thread:
- Re: udp packet storms - ping death jim () Tadpole COM (Nov 03)
- <Possible follow-ups>
- Re: udp packet storms - ping death Bob Kelley (Nov 04)
- Re: udp packet storms - ping death Mark C. Henderson (Nov 05)
- Re: udp packet storms - ping death jim () Tadpole COM (Nov 07)