Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 22 Feb 2001 20:48:58 -0500
From:      Mike Tancsa <mike@sentex.net>
To:        Gregory Neil Shapiro <gshapiro@FreeBSD.ORG>
Cc:        security@FreeBSD.ORG
Subject:   Re: Fwd: [TL-Security-Announce] Sendmail-8.11.2-5 TLSA2001003-1
Message-ID:  <4.2.2.20010222204523.03d6ef90@marble.sentex.net>
In-Reply-To: <14997.48988.504211.466384@horsey.gshapiro.net>
References:  <4.2.2.20010222202121.03d64948@marble.sentex.net> <4.2.2.20010222202121.03d64948@marble.sentex.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
At 05:39 PM 2/22/2001 -0800, Gregory Neil Shapiro wrote:
> >>>>> "mike" == Mike Tancsa <mike@sentex.net> writes:
>
>mike> Is this a LINUX specific thing, or Sendmail in general ??
>
> >> TurboLinux Advisory ID#:  TLSA2001003-1
>
> >> 1. Problem Summary
> >>
> >> Sendmail, launched with the -bt command-line switch, enters its special
> >> "address test" mode. Under these conditions, it is vulnerable to a
> >> segmentation fault which can occur when trying to set a class in ad-
> >> dress test mode due to a negative array index.
>
>First, that was *fixed* in 8.11.2, not vulnerable in 8.11.2:


Thanks for the quick response!  The way it was worded, it claimed all 
versions of sendmail were vulnerable :-(


> >> 2. Impact
> >>
> >> A user can gain root privileges.
>
>Second, it does not give you any privileges at all, even in the version
>that has the bug.  The original reporter, Michal Zalewski, even
>acknowledges this fact.  I wonder where TurboLinux gets their information.

I thought this looked familiar from a while back.  Thanks again for quickly 
settling the issue!

         ---Mike


--------------------------------------------------------------------
Mike Tancsa,                          	          tel +1 519 651 3400
Network Administration,     			  mike@sentex.net
Sentex Communications                 		  www.sentex.net
Cambridge, Ontario Canada			  www.sentex.net/mike


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.2.2.20010222204523.03d6ef90>