ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #343 [FYI-- another sendmail nasty] (1 message, 631 bytes)
NOTICE: securitydigest.org recognises the rights of all third-party works.
START OF DOCUMENT
From: email@example.com (Bruce Cole)
Date: Tue 21:22:47 06/12/1988 EST
Subject: FYI-- another sendmail nasty
References: [Thread Prev: 340] [Thread Next: 349] [Message Prev: 342] [Message Next: 344]
If your sendmail is older than 5.57 try the following: Open up an smtp connection to your mailer, and supply a program name with the MAIL FROM command. Eg: mail from:<"| /bin/rm /etc/passwd">. Then supply a receipient address containing an invalid host name. Guess what is likely to happen when the mail bounces? This security problem STILL exists under Sun OS 4.0 and Ultrix. PS: How many sites running sendmail ports on machines other than vaxes and suns have taken care of sendmail security problems? For example, think of all the sites which run Wollongong TCP with Berkeley sendmail version 4.12? That distribution of sendmail also comes with debug turned on by default.
END OF DOCUMENT
|ISSN 1742-948X 01 (Online) | 2005/03/01 | Copyright 2002-2008 securitydigest.org. All rights reserved.|