Re: CIAC Bulletin G-09: Unix sendmail vulnerability

Fred Cohen (fc@all.net)
Tue, 6 Feb 1996 12:20:06 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Philippe Langlois: "Re: Intro; Question"
Previous message: Barney, Larry: "Re[2]: Introduction"
In reply to: Frank Swift at Home: "CIAC Bulletin G-09: Unix sendmail vulnerability"
Next in thread: Chris Townsend: "Re: CIAC Bulletin G-09: Unix sendmail vulnerability"

Hi Frank:

I have tried to generate buffer overruns from my sendmail but only get
an error message stating that the input line is too long.

I am running Sun's Sendmail 4.1/3.2.012693 under SunOS Release 4.1.3_U

Is there a test I can do to determine whether or not this vulnerability
applies? I am running Sendmail through tcp wrappers in case this makes a
difference. 

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

Next message: Philippe Langlois: "Re: Intro; Question"
Previous message: Barney, Larry: "Re[2]: Introduction"
In reply to: Frank Swift at Home: "CIAC Bulletin G-09: Unix sendmail vulnerability"
Next in thread: Chris Townsend: "Re: CIAC Bulletin G-09: Unix sendmail vulnerability"