Bugtraq mailing list archives
about sendmail 8.8.8 HELO hole
From: gshapiro () SENDMAIL ORG (Gregory Neil Shapiro)
Date: Tue, 26 May 1998 20:15:16 -0700
-----BEGIN PGP SIGNED MESSAGE-----
"root" == Valentin Pavlov <root () PNS NETBG COM> writes:
root> I assume this this is pretty old (10 Jan 1998) but still... ... root> From: Gregory Neil Shapiro <sendmail+gshapiro () sendmail org> root> I was able to reproduce the header problem by lengthening the HELO string root> in your script. root> [...] root> This will be fixed in sendmail 8.9. This bug was fixed in version 8.9.0 of sendmail (released last week). From the RELEASE_NOTES file: 8.9.0/8.9.0 98/05/19 ... Limit the size of the HELO/EHLO parameter to prevent spammers from hiding their connection information in Received: headers. The current version is available at ftp://ftp.sendmail.org/pub/sendmail/. -----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: noconv Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface iQCVAwUBNWuFOHxLZ22gDhVjAQGj7AQAnAQwzfOX3W2/VfxBK2mFPAeQDLPzNcno 17r3It8gjKhhWAELUEJNvwpv658/nC75CNMc8iYOmgipYAG4gZCuifUL8U95ME+g xNfXZao2mga8KTSS9GvcaiyLFTbwuXd4qNCM71fUsItQEF5uN+rpL+8qnvlvra2q HUvcdRWdp3c= =jpLy -----END PGP SIGNATURE-----
Current thread:
- about sendmail 8.8.8 HELO hole Valentin Pavlov (May 22)
- about sendmail 8.8.8 HELO hole Gregory Neil Shapiro (May 26)
- Re: about sendmail 8.8.8 HELO hole Zach White (May 26)
- Problem with ascend pipeline routers. Eric Thacker (May 26)
- Re: Problem with ascend pipeline routers. Joe Shaw (May 28)
- Ascend Pipeline DoS Jeff Wheeler (May 29)
- MS Exchange vulnerable. (was: about sendmail 8.8.8 HELO hole) Yuri Krichevsky (May 27)