From owner-freebsd-security  Thu Oct 17 15:59:46 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id PAA06806
          for security-outgoing; Thu, 17 Oct 1996 15:59:46 -0700 (PDT)
Received: from soda.CSUA.Berkeley.EDU (soda.CSUA.Berkeley.EDU [128.32.43.52])
          by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id PAA06800
          for <security@FreeBSD.ORG>; Thu, 17 Oct 1996 15:59:42 -0700 (PDT)
Received: from localhost (richardc@localhost) by soda.CSUA.Berkeley.EDU (8.6.12/8.6.12) with SMTP id QAA05452 for <security@FreeBSD.ORG>; Thu, 17 Oct 1996 16:00:47 -0700
Date: Thu, 17 Oct 1996 16:00:45 -0700 (PDT)
From: Veggy Vinny <richardc@CSUA.Berkeley.EDU>
To: security@FreeBSD.ORG
Subject: First security hole in sendmail 8.8.0 (fwd)
Message-ID: <Pine.PTX.3.95.961017155959.5738R-100000@soda.CSUA.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Anyone know anything about this?


Subject:     First security hole in sendmail 8.8.0
Sent:        10/17  9:15 AM
Received:    10/17  10:39 AM
From:        Tim Goodwin, tim@uunet.pipex.com
To:          djb-qmail@koobera.math.uic.edu

Apparently there's a buffer overflow problem in sendmail 8.8.0's MIME
handling code.  Anyone who can send you mail can scribble on sendmail's
stack, and have arbitrary code executed as root.

    http://web.eecs.nwu.edu/~jmyers/bugtraq/1497.html

Tim.



#include <standard_disclaimer.h>

Rob Sansom
Network Admin.
Connectix Corp
(415) 638-7398
sansom@connectix.com