[Dshield] critical sendmail problem.

Johannes Ullrich jullrich at euclidian.com
Mon Mar 3 18:55:19 GMT 2003


> Does it *only* effect systems with sendmail listening and accepting mail
> from the world, or are you vulnerable if you allow users to send mail
> from local accounts? 

just putting pieces together, so I don't have the final answer yet. 
But I would expect that this vulnerability exists locally as well
as the effected headers can be set by users (and web forms for that
matter!).


-- 
--------------------------------------------------------------------
jullrich at euclidian.com             Collaborative Intrusion Detection
                                         join http://www.dshield.org



More information about the list mailing list