Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 17 Oct 1996 16:00:45 -0700 (PDT)
From:      Veggy Vinny <richardc@CSUA.Berkeley.EDU>
To:        security@FreeBSD.ORG
Subject:   First security hole in sendmail 8.8.0 (fwd)
Message-ID:  <Pine.PTX.3.95.961017155959.5738R-100000@soda.CSUA.Berkeley.EDU>

next in thread | raw e-mail | index | archive | help
Anyone know anything about this?


Subject:     First security hole in sendmail 8.8.0
Sent:        10/17  9:15 AM
Received:    10/17  10:39 AM
From:        Tim Goodwin, tim@uunet.pipex.com
To:          djb-qmail@koobera.math.uic.edu

Apparently there's a buffer overflow problem in sendmail 8.8.0's MIME
handling code.  Anyone who can send you mail can scribble on sendmail's
stack, and have arbitrary code executed as root.

    http://web.eecs.nwu.edu/~jmyers/bugtraq/1497.html

Tim.



#include <standard_disclaimer.h>

Rob Sansom
Network Admin.
Connectix Corp
(415) 638-7398
sansom@connectix.com




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.PTX.3.95.961017155959.5738R-100000>