Bugtraq mailing list archives
Re: need more for sendmail VRFY and EXPN bug
From: jwa () nbs nau edu (James W. Abendschan)
Date: Tue, 14 May 1996 23:16:50 -0700
Way back on May 15, 12:33pm, Great Wall wrote:
Does anyone know more detail information about follow bug?
[ ... ]
The previous CIAC Bulletin G-09 referred to vulnerabilities with SMTP "EXPN" and "VRFY" commands. The SMTP vulnerability is a result of a vulnerability in syslog. The syslog(3) subroutine uses an internal buffer for building messages that are sent to the syslogd(8) daemon. The syslog subroutine does not check boundaries on data stored in this buffer. It is possible to overflow the internal buffer and rewrite the subroutine call stack. It is then possible to execute arbitrary programs.
Wasn't this the bug that 8LGM spoke about a long time ago? I too would like additional information; I haven't seen an exploit for this anywhere. James -- James W. Abendschan Email: jwa () nbs nau edu UNIX Systems Programmer/Administrator Phone: (520) 556-7466 x238 Colorado Plateau Research Station, Flagstaff, AZ Voice mail: *516
Current thread:
- need more for sendmail VRFY and EXPN bug Great Wall (May 14)
- <Possible follow-ups>
- Re: need more for sendmail VRFY and EXPN bug James W. Abendschan (May 14)
- Re: need more for sendmail VRFY and EXPN bug Casper Dik (May 15)