From owner-freebsd-security  Thu May 20 12:45: 6 1999
Delivered-To: freebsd-security@freebsd.org
Received: from tsunami.x5ca.net (tsunami.x5ca.net [206.191.74.2])
	by hub.freebsd.org (Postfix) with SMTP id 8499E156B6
	for <freebsd-security@freebsd.org>; Thu, 20 May 1999 12:44:58 -0700 (PDT)
	(envelope-from alanp@unixpower.org)
Received: from unixpower.org (s1m09-dyn.x5ca.net [206.191.74.217]) by tsunami.x5ca.net (950413.SGI.8.6.12/950213.SGI.AUTOCF) via ESMTP id PAA06863 for <freebsd-security@freebsd.org>; Thu, 20 May 1999 15:46:19 -0400
Message-ID: <3744663D.77280116@unixpower.org>
Date: Thu, 20 May 1999 15:45:01 -0400
From: Alan <alanp@unixpower.org>
X-Mailer: Mozilla 4.07 [en] (X11; I; FreeBSD 3.2-STABLE i386)
MIME-Version: 1.0
To: freebsd-security@freebsd.org
Subject: Re: attack of failure
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Wed, May 19, 1999 at 11:03:26PM -0500, Andrew G. Russell wrote:
> Last night, a system that has been running FreeBSD 2.1.5 for a number of
> years with the last upgrade being sendmail 8.8.4 being added.
>

sendmail 8.8.4 can give crackers root access, plus you are running a
*real*
old version of FreeBSD that most likely has a bunch of exploitable
things.
 
> This system will be upgraded to 2.2.8, but I sure would like some clue as 
> to how it happened.
> 
> Thanks in advance for any help/thoughts.
> 
> A.G. Russell

-- 
|           Alan L. * Webmaster of www.UnixPower.org           |
| Windsor Unix Users Group Founder: http://unix.windsor.on.ca/ |
|       Personal Page:  http://www.unixpower.org/alanp/        |


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message