Date: Fri, 31 Aug 2001 05:04:49 +0900 (JST) From: Hajimu UMEMOTO <ume@mahoroba.org> To: mike@sentex.net Cc: ume@mahoroba.org Subject: Re: Sendmail Message-ID: <20010831.050449.26350219.ume@mahoroba.org> In-Reply-To: <5.1.0.14.0.20010830154128.04ac4ec0@marble.sentex.ca> References: <08ab01c1318b$defef2f0$2aa8a8c0@melim.com.br> <5.1.0.14.0.20010830154128.04ac4ec0@marble.sentex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> On Thu, 30 Aug 2001 15:43:17 -0400 >>>>> Mike Tancsa <mike@sentex.net> said: mike> Probably not.. But, you never know. Someone could devise some cle= ver way = mike> for some other process to exploit the bug. sendmail 8.11.15 had local-exploit. If you use old version of sendmail, you must upgrade to 8.11.16. Don't forget to drop setuid bit of old sendmail binary or remove it. mike> At 04:42 PM 8/30/01 -0300, Ronan Lucio wrote: >Hi all, > >If I have a machine that any user has shell access. It=B4s just a mail= server. >Is such machine vulnerable for sendmail? -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan ume@mahoroba.org ume@bisd.hitachi.co.jp ume@{,jp.}FreeBSD.org http://www.imasy.org/~ume/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010831.050449.26350219.ume>