[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FYI] (Fwd) Results, Not Resolutions
- To: debate@lists.fitug.de
- Subject: Re: [FYI] (Fwd) Results, Not Resolutions
- From: Florian Weimer <fw@deneb.enyo.de>
- Date: Tue, 19 Feb 2002 00:05:33 +0100
- Delivered-To: mailing list debate@lists.fitug.de
- In-Reply-To: <20020219002358.A459@mandark.chaos.lab> (Frank Meerkoetter'smessage of "Tue, 19 Feb 2002 00:23:58 +0100")
- List-Help: <mailto:debate-help@lists.fitug.de>
- List-Id: <debate.lists.fitug.de>
- List-Post: <mailto:debate@lists.fitug.de>
- List-Subscribe: <mailto:debate-subscribe@lists.fitug.de>
- List-Unsubscribe: <mailto:debate-unsubscribe@lists.fitug.de>
- Mailing-List: contact debate-help@lists.fitug.de; run by ezmlm
- References: <3C6F9F9D.15337.11595C@localhost> <87zo28fh1o.fsf@deneb.enyo.de><20020219002358.A459@mandark.chaos.lab>
- User-Agent: Gnus/5.090006 (Oort Gnus v0.06) Emacs/21.1 (i686-pc-linux-gnu)
Frank Meerkoetter <meerkoetter@stud.fbi.fh-darmstadt.de> writes:
>> Dank sendmail konnte E-Mail auch zu frühen Tagen ausführbare Inhalte
>> tragen. :-/
> -v, bitte.
Ein Beispiel von mehreren:
http://www.cert.org/advisories/CA-93.16.sendmail.vulnerability
| I. Description
|
| A vulnerability exists in most versions of sendmail that allows
| unauthorized remote or local users to execute programs as any system
| user other than root.
|
| This vulnerability affects the final destination sendmail host
| and can be exploited through an intermediate mail machine. Therefore,
| all sendmail recipient machines within a domain are potentially
| vulnerable.
--
To unsubscribe, e-mail: debate-unsubscribe@lists.fitug.de
For additional commands, e-mail: debate-help@lists.fitug.de