Bugtraq mailing list archives
Sendmail 8.6.12 hole & smrsh
From: janis () MII LU LV (Janis Lacis)
Date: Thu, 12 Oct 1995 14:01:09 -0200
Who knows what the root-shell-giving security hole is in Sendmail 8.6.12 that was incompletely patched in 8.7, and (supposedly) finally patched in 8.7.1?
I wonder if the attack is still possible if there is a "smrsh" shell installed instead of "sh" in sendmail.cf ? -- Janis Lacis, LATNET administrator, Institute of Mathematics and Computer Science, University of Latvia Rainis boulevard 29, Riga Phone: +3712-212427 LV-1459,Latvia Fax: +3718-820153 E-mail: janis () mii lu lv ==========================================================================
Current thread:
- Sendmail 8.6.12 hole & smrsh Janis Lacis (Oct 12)
- Re: Sendmail 8.6.12 hole & smrsh Casper Dik (Oct 12)
- Edupage, 12 October 1995 (fwd) Paul Ferguson (Oct 13)