[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Cobalt Security Notice - Linux Kernel - 06/09/00
- Subject: Re: [cobalt-security] Cobalt Security Notice - Linux Kernel - 06/09/00
- From: Jeff Lovell <jlovell@xxxxxxxxxx>
- Date: Fri, 09 Jun 2000 17:53:50 -0700
- Organization: Cobalt Networks, Inc.
Theodore Jones wrote:
>
> Jeff,
>
> Is sendmail only vulnerable if the user with an email account has malicious
> intent? Can anyone that knows an email address on the target machine just send
> a message and comprimise the system? Also, how long is it estimated until the
> package patch comes out?
This exploit is only exploitable by malicious users
with shell access. It is not remotely exploitable.
Jeff