Your browser does not seem to support CSS. If images appear below, please disregard them.
It appears that you're running an Ad-Blocker. This site is monetized by Advertising and by User Donations; we ask that if you find this site helpful that you whitelist us in your Ad-Blocker, or make a Donation to help aid in operating costs.
Previous Thread
Next Thread
Print Thread
Rate This Thread
#16514 - 03/24/03 10:40 AM New Sendmail Vulnerability  
Joined: Feb 2003
Posts: 4
prioris Offline
Junior Member
prioris  Offline
Junior Member

Joined: Feb 2003
Posts: 4
europe
Anyone see the sendmail exploit supposedly published by L.S.D.?, goes after a bug in the parsing of the e-mail addresses.


beta test, v:
To voluntarily entrust one's data, one's livelihood and one's sanity to hardware or software intended to destroy all three. In earlier days, virgins were often selected to beta test volcanos.
Sponsored Links
#16515 - 03/24/03 02:27 PM Re: New Sendmail Vulnerability  
Joined: Mar 2002
Posts: 1,041
Infinite Offline
UGN Elite Poster
Infinite  Offline
UGN Elite Poster

Joined: Mar 2002
Posts: 1,041
Canada eh
Yeah, I saw that. It's at least two weeks old now, but I would imagine that there is still a hell of a lot of systems out there that are vulnerable.

Infinite

#16516 - 03/25/03 12:05 AM Re: New Sendmail Vulnerability  
Joined: Mar 2002
Posts: 815
sinetific Offline
nobody
sinetific  Offline
nobody

Joined: Mar 2002
Posts: 815
Ann Arbor
Actually when they released the initial vulnerability info, they also stated their research wasnt concluded. At that point they had only tested it on a few systems(actually i think only one). About a week later they issued this statement:

"We have inspected this issue a bit more, and found out that on most Unix systems
the buf buffer is not followed by such data. We base this conclusion upon the
simple fact that we didn't manage to crash sendmail by feeding it with 250
sequences of <> chars in the from address string. This means that this issue does
not seam to be exploitable on them. The following table presents a summary of
our findings:

Freebsd 4.4 - (default & self compiled Sendmail 8.11.6) does not crash
Solaris 8.0 x86 - (default & self compiled Sendmail 8.11.6) does not crash
Solaris 8.0 sparc - (default & self compiled Sendmail 8.11.6) does not crash
HP-UX 10.20 - (self compiled Sendmail 8.11.6) does not crash
IRIX 6.5.14 - (self compiled Sendmail 8.11.6) does not crash
AIX 4.3 - (binary of Sendmail 8.11.3 from bull.de) does not crash
RedHat 7.0 - (default Sendmail 8.11.0) does not crash
RedHat 7.2 - (default Sendmail 8.11.6) does not crash
RedHat 7.3 (p) - (patched Sendmail 8.11.6) does not crash
RedHat 7.0 - (self compiled Sendmail 8.11.6) crashes
RedHat 7.2 - (self compiled Sendmail 8.11.6) crashes
RedHat 7.3 - (self compiled Sendmail 8.11.6) crashes
Slackware 8.0 (p) - (patched Sendmail 8.11.6 binary) crashes
Slackware 8.0 - (self compiled Sendmail 8.12.7) does not crash
RedHat 7.x - (self compiled Sendmail 8.12.7) does not crash"


You can read there full finding on the vulnerability here:

http://lwn.net/Articles/24292/

Other people have written exploits for this vulnerability but not as many systems as you think are vulnerable.

#16517 - 03/26/03 10:34 AM Re: New Sendmail Vulnerability  
Joined: Feb 2003
Posts: 4
prioris Offline
Junior Member
prioris  Offline
Junior Member

Joined: Feb 2003
Posts: 4
europe
I don't think the fact that they haven't managed to crash the above systems can be interpeted as a the hole being a pointless vulnerability. Needless to say its very difficult to remotely crash a system using this hole but a local user may have more luck ;-> , anyone see the new win 2k IIS exploit?, released by Rafael Nunez, formally of 'RaFa'. Take a step back and bow


beta test, v:
To voluntarily entrust one's data, one's livelihood and one's sanity to hardware or software intended to destroy all three. In earlier days, virgins were often selected to beta test volcanos.

Member Spotlight
Gremelin
Gremelin
Portland, OR; USA
Posts: 7,195
Joined: February 2002
Show All Member Profiles 
Forum Statistics
Forums45
Topics46,816
Posts81,986
Average Daily Posts11
Members2,159
Most Online1,567
Apr 25th, 2010
Latest Postings
Top Posters(All Time)
UGN Security 39,980
Gremelin 7,195
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Liked Users (All Time)
§intå× Likes: 1
Cold Sunn Likes: 1
Crime Likes: 1
Cyrez Likes: 1
Ghost Likes: 1
Gremelin Likes: 4
Ice Likes: 1
unreal Likes: 1
Top Liked Users (30 Days)
Powered by UBB.threads™ PHP Forum Software 7.6.0
(Snapshot build 20160902)