[unisog] sendmail vulnerability / impact

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Fri Mar 7 15:21:25 GMT 2003

On Fri, 07 Mar 2003 09:31:37 EST, Robin Anderson <robin at umbc.edu>  said:

> Basically, our CIO is considering lifting the port 25 ban if no one has
> seen activity related to the sendmail hole.  Even evidence of a couple
> compromised systems or broad probes for the hole across multiple sites
> might keep the lockdown in place.  Thanks in advance!

At the recent SANS-EDU, I opined to people: "36 hours till we see an exploit,
and 3 weeks till we see scanning for it".  The LSD crew posted to Bugtraq after
24 hours 30 minutes, and I'm waiting for part two of my prediction.

				Valdis Kletnieks
				Computer Systems Senior Engineer
				Virginia Tech

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20030307/da4170d0/attachment-0007.bin

More information about the unisog mailing list