Hop to it, 'nother sendmail patch released
dagmar.wants at nospam.com
Sat Mar 29 23:46:28 PST 2003
This hit the Full Disclosure list a couple of days ago, so it's a little
shift of the Sendmail people to phrase their release the way they did,
but in any case, another bit of slightly screwey code involving parsing
addresses was found and now we have 8.12.9. You're _probably_ not
vulnerable if you have taken steps to make your stack non-executeable,
but beyond that this one is somewhat easier to exploit than the last
Patches and new versions can be found from www.sendmail.org. Hop to it.
The email address above is just as phony as it looks, and for obvious reasons.
Instant messaging contact nfo: AIM: evilDagmar Jabber: evilDagmar at jabber.org
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-security' in the subject header of the message
More information about the lfs-security