[Full-Disclosure] sendmail vunerability?
From: nag (malazaba@o2.pl)
Date: 11/19/03
- Previous message: nag: "[Full-Disclosure] sendmail vunerability?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "nag" <malazaba@o2.pl> To: "FULL-DISCLOSURE" <FULL-DISCLOSURE@netsys.com>, "vulndiscuss" <vulndiscuss@vulnwatch.org> Date: Tue, 19 Nov 2003 13:55:40 +0100
charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
there is some rumor spreading about new sendmail vulnerability. i do not see
any news at www.sendmail.org but supposedly ths is remote buffer overflow.
i received the patch (see below), but o not have any exploit, so please
don't mail me about it.
does this look legitimate? any comments? is this something old? is
this some scam backdoor?
--- parseaddr.c 18 Jan 2003 00:41:48 -0000 8.359.2.4
+++ parseaddr.c 20 Mar 2003 12:20:43 -0000
@@ -709,7 +710,7 @@
}
/* read a new input character bin/ mail/ public_html/ src/ tmp/
- c = *p++;
+ c = (unsigned char)(*p++);
if (c == '\0')
{
/* diagnose and patch up bad syntax bin/ mail/ public_html/ src/ tmp/
-----------
--- nag ---
-----------
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: nag: "[Full-Disclosure] sendmail vunerability?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
