[Dshield] sendmail exploit

Jon R. Kibler Jon.Kibler at aset.com
Tue Mar 11 23:07:06 GMT 2003


Just a heads up for sendmail users...

Recent discussions in comp.mail.sendmail suggest that there is a reasonable chance that the new sendmail exploit may be present in the wild. There is no absolute proof -- a system has not been breached -- but either someone is attempting attacks and failing, or they have another very serious problem on the sending side, such as a corrupt formmail.cgi script.

Links:
   CERT notice: http://www.cert.org/advisories/CA-2003-07.html
   sendmail patch: http://www.sendmail.org/patchcr.html

Jon R. Kibler
A.S.E.T., Inc.
Charleston, SC  USA



More information about the list mailing list