-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sendmail 8.11.4 on Red Hat 6.2 and kernel 2.2.18 confirmed vulerable to this local root exploit with mail's shell both blank (meaning /bin/bash) and /usr/sbin/smrsh 8.11 (Berkeley) 5/19/1998. I got dumped into a root bash shell both times when starting this program as an ordinary user. Sendmail 8.11.6 on same platform is confirmed *not* to be vulerable under the same two setups (with and without smrsh). smrsh with 8.11.6 does not have an explicit version number but mentions @(#)$Id: smrsh.c,v 8.31.4.9 2001/04/24 04:11:51 ca Exp $. Is this the command line processing but mentioned at http://www.sendmail.org/8.11.html? Michael Kjörling On Aug 23 2001 04:40 +0400, Alexander Yurchenko wrote: > Here's an another sendmail exploit for linux x86. > > Alexander Yurchenko aka grange - -- Michael Kjörling - michaelat_private - PGP: 8A70E33E Manager Wolf.COM -- Programmer -- Network Administrator "We must be the change we wish to see" (Mahatma Gandhi) ^..^ Support the wolves in Norway -- go to ^..^ \/ http://home.no.net/ulvelist/protest_int.htm \/ ***** Please only send me emails which concern me ***** -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For my PGP key: http://michael.kjorling.com/contact/pgp.html iD8DBQE7hLHfKqN7/Ypw4z4RAnclAJsEAoj0h7SKvLpyYBttCwXPAP5pJACfdysX 7y05P5ILqXr2E+aRRkW6Ev4= =uf78 -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Thu Aug 23 2001 - 07:16:09 PDT