Re: Fwd: [TL-Security-Announce] Sendmail-8.11.2-5 TLSA2001003-1

From: Gregory Neil Shapiro (gshapiro@freebsd.org)
Date: 02/23/01


Date: Thu, 22 Feb 2001 17:39:40 -0800
From: Gregory Neil Shapiro <gshapiro@freebsd.org>
To: Mike Tancsa <mike@sentex.net>


>>>>> "mike" == Mike Tancsa <mike@sentex.net> writes:

mike> Is this a LINUX specific thing, or Sendmail in general ??

>> TurboLinux Advisory ID#: TLSA2001003-1

>> 1. Problem Summary
>>
>> Sendmail, launched with the -bt command-line switch, enters its special
>> "address test" mode. Under these conditions, it is vulnerable to a
>> segmentation fault which can occur when trying to set a class in ad-
>> dress test mode due to a negative array index.

First, that was *fixed* in 8.11.2, not vulnerable in 8.11.2:

8.11.2/8.11.2 2000/12/29
        Prevent a segmentation fault when trying to set a class in
                address test mode due to a negative array index. Audit
                other array indexing. This bug is not believed to be
                exploitable. Noted by Michal Zalewski of the "Internet for
                Schools" project (IdS).

>> 2. Impact
>>
>> A user can gain root privileges.

Second, it does not give you any privileges at all, even in the version
that has the bug. The original reporter, Michal Zalewski, even
acknowledges this fact. I wonder where TurboLinux gets their information.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message