LinuxSA Mailing list archives
Index:
[thread]
[date]
[subject]
[author]
From: Nick Morrison <nickelodeon@heaps.fully.cx>
To : Bruce Moffatt" <bmoffatt@picknowl.com.au>, "Phil Pittard <bmoffatt@picknowl.com.au>
Date: Sat, 25 Sep 1999 12:49:01 +0930
RE: sendmail problem
Hello,
> > There IS an exploitable hole in sendmail 8-7.3(ish) up to and including
> > at least 8.8.3 or 8.8.4 (not sure how far the bug lasted!) which allows
> > anyone to become root.... have a look in /tmp for an suid file called
> > sh and if its there you have had an unwanted visitor:).
>
> Any cracker worth defending against is unlikely to leave their root
> shell lying around in /tmp, and named sh. If you find such, assume you
> have been burgled by a complete novice.
Or safer still - *hope* that you've been burgled by a novice, and *assume*
you've been burgled by someone smart enough to make you think they're a
novice.
Remember - "Only the paranoid survive"
http://www.f-cked.com/
__
Nick Morrison
nickelodeon@heaps.fully.cx
http://www.fully.cx/
--
Check out the LinuxSA web pages at http://www.linuxsa.org.au/
To unsubscribe from the LinuxSA list:
mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject
Index:
[thread]
[date]
[subject]
[author]
Return to the LinuxSA Mailing List Information Page