Re: Major remote root vunerability found in sendmail

From: Erik Parker (erik.parkerat_private)
Date: Mon Mar 03 2003 - 13:09:36 PST

Next message: Steven Procter: "Re: Major remote root vunerability found in sendmail"

Previous message: Renaud Deraison: "Re: Major remote root vunerability found in sendmail"
In reply to: Renaud Deraison: "Re: Major remote root vunerability found in sendmail"
Next in thread: Steven Procter: "Re: Major remote root vunerability found in sendmail"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> At this time, given the vulnerability, I'm ok with that. I'll probably
> remove Michael's expression later on, but right now, your regexp is a
> bit hard to swallow so I'm in extra-paranoid/doubtful mode.
> 
> (I'm not critcizing your regexp but rather my inability to grasp it just
> at the moment :)

Fair enough, we did do fairly extensive testing against sendmail versions 
to be sure it wouldn't false positive, but got everything we needed. Hence 
the reason it took us nearly an hour to write =)


--        
Erik Parker, CISSP
Digital Defense, Inc.
1711 Citadel Plaza
San Antonio, Texas 78209
210.822.2645

Next message: Steven Procter: "Re: Major remote root vunerability found in sendmail"
Previous message: Renaud Deraison: "Re: Major remote root vunerability found in sendmail"
In reply to: Renaud Deraison: "Re: Major remote root vunerability found in sendmail"
Next in thread: Steven Procter: "Re: Major remote root vunerability found in sendmail"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Mar 03 2003 - 13:12:42 PST