Welcome to our website
Sendmail Update for Mandrake
Posted by philipp on: 11/29/2002 12:18 AM [ Print | 0 comment(s) ]
MandrakeSoft has released a sendmail update for Mandrake Linux
A vulnerability was discovered by zen-parse and Pedram Amini in the sendmail MTA. They found two ways to exploit smrsh, an application intended as a replacement for the sh shell for use with sendmail; the first by inserting specially formatted commands in the ~/.forward file and secondly by calling smrsh directly with special options. These can be exploited to give users with no shell account, or those not permitted to execute certain programs or commands, the ability to bypass these restrictions.
08/22/2005 07:50 PM: sendmail in suse 9.3 (0) by linusguy