Date: Thu, 22 Feb 2001 17:39:40 -0800 From: Gregory Neil Shapiro <gshapiro@freebsd.org> To: Mike Tancsa <mike@sentex.net> Cc: security@freebsd.org Subject: Re: Fwd: [TL-Security-Announce] Sendmail-8.11.2-5 TLSA2001003-1 Message-ID: <14997.48988.504211.466384@horsey.gshapiro.net> In-Reply-To: <4.2.2.20010222202121.03d64948@marble.sentex.net> References: <4.2.2.20010222202121.03d64948@marble.sentex.net>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> "mike" == Mike Tancsa <mike@sentex.net> writes: mike> Is this a LINUX specific thing, or Sendmail in general ?? >> TurboLinux Advisory ID#: TLSA2001003-1 >> 1. Problem Summary >> >> Sendmail, launched with the -bt command-line switch, enters its special >> "address test" mode. Under these conditions, it is vulnerable to a >> segmentation fault which can occur when trying to set a class in ad- >> dress test mode due to a negative array index. First, that was *fixed* in 8.11.2, not vulnerable in 8.11.2: 8.11.2/8.11.2 2000/12/29 Prevent a segmentation fault when trying to set a class in address test mode due to a negative array index. Audit other array indexing. This bug is not believed to be exploitable. Noted by Michal Zalewski of the "Internet for Schools" project (IdS). >> 2. Impact >> >> A user can gain root privileges. Second, it does not give you any privileges at all, even in the version that has the bug. The original reporter, Michal Zalewski, even acknowledges this fact. I wonder where TurboLinux gets their information. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14997.48988.504211.466384>