From owner-freebsd-security  Sat Nov 16 20:57:58 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id UAA26407
          for security-outgoing; Sat, 16 Nov 1996 20:57:58 -0800 (PST)
Received: from quagmire.ki.net (root@quagmire.ki.net [205.150.102.1])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id UAA26386;
          Sat, 16 Nov 1996 20:57:46 -0800 (PST)
Received: from localhost (scrappy@localhost) by quagmire.ki.net (8.8.2/8.7.5) with SMTP id XAA13291; Sat, 16 Nov 1996 23:57:40 -0500 (EST)
Date: Sat, 16 Nov 1996 23:57:40 -0500 (EST)
From: "Marc G. Fournier" <scrappy@ki.net>
To: "S(pork)" <spork@super-g.com>
cc: freebsd-security@FreeBSD.org, freebsd-hackers@FreeBSD.org
Subject: Re: New sendmail bug...
In-Reply-To: <Pine.LNX.3.92.961116165903.12931A-100000@super-g.inch.com>
Message-ID: <Pine.NEB.3.95.961116235637.13141B-100000@quagmire.ki.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

On Sat, 16 Nov 1996, S(pork) wrote:

> It's nasty and easy...  If you're on Bugtraq, you saw it.  If anyone with
> more knowledge on this issue can check it out, please post to the list so
> everyone can free themselves of this vulnerability.  Root in under 15
> seconds with an account on the machine.  If you need the 'sploit, please
> mail me here and I'll send it to you.  I verified it on FBSD, NetBSD,
> Linux so far...
>

	Please send details on 'sploit...would like to test on my Solaris
2.5.1 box as well...

Thanks...

Marc G. Fournier                                  scrappy@ki.net
Systems Administrator @ ki.net               scrappy@freebsd.org