[Dshield] Sendmail exploit code released for Red Hat and Slackware

Tim Rushing rushing at jorsm.com
Wed Mar 5 05:22:09 GMT 2003


Not that I think anyone on this list hasn't already jumped at upgrading 
their Sendmail installation, but Cnet is reporting that a Polish group has 
released exploit code for the Sendmail vulnerability that targets Red Hat 
and Slackware installations.  However, just in case some of you have home 
dial-up machines that require long download times and you thought you were 
safe waiting a bit. . .

Most disturbing quote from the article:

      The Sendmail founder had expected that code would be
      released soon, but not within 24 hours. Moreover, the
      functional nature of the posted code--the script returns
      a terminal prompt with which an attacker could issue commands
      to the compromised host--was overkill, he said.

Cnet article at http://news.com.com/2100-1002-991041.html?tag=fd_top


     ---Tim Rushing




More information about the list mailing list