Date: Mon, 1 Feb 1999 13:19:49 -0600 (CST) From: Igor Roshchin <igor@physics.uiuc.edu> To: mjung@npc.net (Jung Michael) Cc: igor@physics.uiuc.edu, security@FreeBSD.ORG Subject: Re: Sendmail- headers Message-ID: <199902011919.NAA03752@alecto.physics.uiuc.edu> In-Reply-To: <c=US%a=_%p=Financial_Allian%l=EXCHANGE-990201173310Z-116325@exchange.finall.com> from "Jung, Michael" at "Feb 1, 1999 12:33:10 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
No, it didn't happen in the message itself. In the headers only. Also, we don't have Cisco Firewall. Thanks, anyway. Igor > Does this ever happen elsewhere in the message? > > If si and you have a Cisco PIX firewall this is a known problem using > the > "mailhost" statement. If so look at cisco's site for a resolution. > > We had this exact problem a while back > > --mikej > Michael Jung > mjung@npc.net > > >-----Original Message----- > >From: Igor Roshchin [SMTP:igor@physics.uiuc.edu] > >Sent: Friday, January 29, 1999 5:30 PM > >To: security@FreeBSD.ORG > >Subject: Sendmail- headers > > > > > >Hello! > > > >Sorry, if I am asking about some which has been stated clearly. > >I just looked in the archives and haven't found the clear answer. > > > >This week I've received two messages which indicate an attempt > >of the header overflow (I think) in the sendmail. > >Remembering some discussion recently on one of the lists, > >I am not sure if this overflow can result in any break in > >or just might cause identity forgering (so, to prevent identification > >of the sender and/or his host) ? > > > >I am running Sendmail 8.8.5/8.7.3 on a 2.1.7.1 -> 2.1-STABLE > >Yes, I know it's outdated and the upgrade is pending, > >but I am concerned if there was a break in this way, and whether I should > >worry about detection of any traces of it. > > > >The headers are: > > > > > >Return-Path: aho@aho.ne > >Received: from > >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > >xxx > >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > >xxx > >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > >xxx > >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > >xxx > >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > >xxx > >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > >xxx > >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > >xxx > >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > >xxx > >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > >xxx > >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > >xxx > >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > >xxx > >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > >Date: Fri, 29 Jan 1999 08:50:44 -0500 (EST) > >From: aho@aho.ne > >Message-Id: <199901291350.IAA10527@MYHOST.CHANGED.BY.ME.FOR.SECURITY.REASONS> > >To: kei37@geocities.co.jp > >Subject: test > >X-Mailer: Microsoft Outlook Express 4.72.2106 > > > > > > > >Thanks, > > > >Igor > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org > >with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199902011919.NAA03752>