Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 31 Aug 2001 05:04:49 +0900 (JST)
From:      Hajimu UMEMOTO <ume@mahoroba.org>
To:        mike@sentex.net
Cc:        ume@mahoroba.org
Subject:   Re: Sendmail
Message-ID:  <20010831.050449.26350219.ume@mahoroba.org>
In-Reply-To: <5.1.0.14.0.20010830154128.04ac4ec0@marble.sentex.ca>
References:  <08ab01c1318b$defef2f0$2aa8a8c0@melim.com.br> <5.1.0.14.0.20010830154128.04ac4ec0@marble.sentex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help 

>>>>> On Thu, 30 Aug 2001 15:43:17 -0400
>>>>> Mike Tancsa <mike@sentex.net> said:

mike> Probably not.. But, you never know. Someone could devise some clever way 
mike> for some other process to exploit the bug.

sendmail 8.11.15 had local-exploit.  If you use old version of
sendmail, you must upgrade to 8.11.16.  Don't forget to drop setuid
bit of old sendmail binary or remove it.

mike> At 04:42 PM 8/30/01 -0300, Ronan Lucio wrote:
>Hi all,
>
>If I have a machine that any user has shell access. Itīs just a mail server.
>Is such machine vulnerable for sendmail?

--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume@mahoroba.org  ume@bisd.hitachi.co.jp  ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010831.050449.26350219.ume>