Date: Thu, 17 Oct 1996 16:00:45 -0700 (PDT) From: Veggy Vinny <richardc@CSUA.Berkeley.EDU> To: security@FreeBSD.ORG Subject: First security hole in sendmail 8.8.0 (fwd) Message-ID: <Pine.PTX.3.95.961017155959.5738R-100000@soda.CSUA.Berkeley.EDU>
next in thread | raw e-mail | index | archive | help
Anyone know anything about this?
Subject: First security hole in sendmail 8.8.0
Sent: 10/17 9:15 AM
Received: 10/17 10:39 AM
From: Tim Goodwin, tim@uunet.pipex.com
To: djb-qmail@koobera.math.uic.edu
Apparently there's a buffer overflow problem in sendmail 8.8.0's MIME
handling code. Anyone who can send you mail can scribble on sendmail's
stack, and have arbitrary code executed as root.
http://web.eecs.nwu.edu/~jmyers/bugtraq/1497.html
Tim.
#include <standard_disclaimer.h>
Rob Sansom
Network Admin.
Connectix Corp
(415) 638-7398
sansom@connectix.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.PTX.3.95.961017155959.5738R-100000>