RE: [cobalt-developers] *ALERT* UPDATED BID 3163 (URGENCY 6.58): Sendmail Debugger Arbitrary Code Execution Vulnerability (fwd)
- Subject: RE: [cobalt-developers] *ALERT* UPDATED BID 3163 (URGENCY 6.58): Sendmail Debugger Arbitrary Code Execution Vulnerability (fwd)
- From: "KAMRY" <kamry1888@xxxxxxxxx>
- Date: Thu Aug 23 09:57:24 2001
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
A patch is necessary in either case, and no one can guarantee that their
users have no experience in architecture code since a friend might be
visiting and that should make dreams true :) So it is possible, although it
might be way far from happening, but after all no one can 100% guarantee.
Kal
-----Original Message-----
From: cobalt-developers-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-developers-admin@xxxxxxxxxxxxxxx]On Behalf Of Curtis Ross
Sent: Thu, August 23, 2001 1:28 PM
To: cobalt-developers@xxxxxxxxxxxxxxx
Subject: RE: [cobalt-developers] *ALERT* UPDATED BID 3163 (URGENCY
6.58): Sendmail Debugger Arbitrary Code Execution Vulnerability (fwd)
> The attacker must craft in architecture specific binary code the
> commands (or 'shellcode') to be executed with higher privilege. The
> attacker must then run the program, using the '-d' flag to overwrite a
> function return address with the location of the supplied shellcode.
>
>
> Restrict local access to trusted users only.
>
> Note that this problem is not remotely exploitable.
> Additionally, sendmail 8.12 will no longer use a set-user-id root
> binary by default.
> --------------------
>
Agreed it's an issue. But looking at the above there shouldn't be a huge
issue unless you're handing out shell accounts.
Curtis