From owner-freebsd-security Thu May 20 12:45: 6 1999 Delivered-To: freebsd-security@freebsd.org Received: from tsunami.x5ca.net (tsunami.x5ca.net [206.191.74.2]) by hub.freebsd.org (Postfix) with SMTP id 8499E156B6 for ; Thu, 20 May 1999 12:44:58 -0700 (PDT) (envelope-from alanp@unixpower.org) Received: from unixpower.org (s1m09-dyn.x5ca.net [206.191.74.217]) by tsunami.x5ca.net (950413.SGI.8.6.12/950213.SGI.AUTOCF) via ESMTP id PAA06863 for ; Thu, 20 May 1999 15:46:19 -0400 Message-ID: <3744663D.77280116@unixpower.org> Date: Thu, 20 May 1999 15:45:01 -0400 From: Alan X-Mailer: Mozilla 4.07 [en] (X11; I; FreeBSD 3.2-STABLE i386) MIME-Version: 1.0 To: freebsd-security@freebsd.org Subject: Re: attack of failure Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, May 19, 1999 at 11:03:26PM -0500, Andrew G. Russell wrote: > Last night, a system that has been running FreeBSD 2.1.5 for a number of > years with the last upgrade being sendmail 8.8.4 being added. > sendmail 8.8.4 can give crackers root access, plus you are running a *real* old version of FreeBSD that most likely has a bunch of exploitable things. > This system will be upgraded to 2.2.8, but I sure would like some clue as > to how it happened. > > Thanks in advance for any help/thoughts. > > A.G. Russell -- | Alan L. * Webmaster of www.UnixPower.org | | Windsor Unix Users Group Founder: http://unix.windsor.on.ca/ | | Personal Page: http://www.unixpower.org/alanp/ | To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message