From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
Reply-To: cobalt-security@xxxxxxxxxxxxxxx
To: cobalt-security@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-security] *ALERT* UPDATED BID 3163 (URGENCY 6.58):
Sendmail Debugger ArbitraryCode Execution Vulnerability (fwd)
Date: Tue, 14 Jan 2003 00:57:56 -0800
ProServe - Peter Batenburg wrote:
>
> Is cobalt going to do something about this? Allready 2 exploits have
been
> released on the bugtraq mailing list.
I'm not sure what version of sendmail your server is running. Mine is
running 8.10.2.
8.10 versions of sendmail and earlier are NOT subject to this exploit.
Additionally, this exploit can only be performed by local users.
Jeff
--
Jeff Lasman, nobaloney.net, P. O. Box 52672, Riverside, CA 92517 US
Internet & Unix/Linux/Sun/Cobalt Consulting +1 909 778-9980
Our jblists address used on lists is for list email only
To contact us offlist: "http://www.nobaloney.net/contactus.html"
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security