[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Cobalt Security Notice - Linux Kernel - 06/09/00

Subject: Re: [cobalt-security] Cobalt Security Notice - Linux Kernel - 06/09/00
From: Jeff Lovell <jlovell@xxxxxxxxxx>
Date: Fri, 09 Jun 2000 17:53:50 -0700
Organization: Cobalt Networks, Inc.

Theodore Jones wrote:
> 
> Jeff,
> 
> Is sendmail only vulnerable if the user with an email account has malicious
> intent?  Can anyone that knows an email address on the target machine just send
> a message and comprimise the system?  Also, how long is it estimated until the
> package patch comes out?

This exploit is only exploitable by malicious users
with shell access. It is not remotely exploitable.

Jeff

References:
- [cobalt-security] Cobalt Security Notice - Linux Kernel - 06/09/00
  - From: Jeff Lovell
- Re: [cobalt-security] Cobalt Security Notice - Linux Kernel - 06/09/00
  - From: Theodore Jones

Prev by Date: Re: [cobalt-security] Cobalt Security Notice - Linux Kernel - 06/09/00
Next by Date: Re: [cobalt-security] Cobalt Security Notice - Linux Kernel - 06/09/00
Previous by thread: Re: [cobalt-security] Cobalt Security Notice - Linux Kernel - 06/09/00
Next by thread: Re: [cobalt-security] Cobalt Security Notice - Linux Kernel - 06/09/00

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index