Re: [LSD] Technical analysis of the remote sendmail vulnerability

From: Eric Allman (eric+bugtraqat_private)
Date: Tue Mar 04 2003 - 09:29:02 PST

    I want to emphasize one of the last sentences in this posting:
    ``However, we cannot exclude that there does not exist another
    execution path in the sendmail code, that could lead to the program
    counter overwrite.''  Please don't breathe a sigh of relief because
    you are running on one of the "does not crash" systems.
    
    Besides direct execution path exploits, there are other variables
    that are not pointers that have security implications; finding one of
    them within range will be more difficult, but probably not impossible.
    
    Everyone should patch as soon as possible, regardless of platform.
    
    eric
    



    This archive was generated by hypermail 2b30 : Tue Mar 04 2003 - 12:36:12 PST