Date: Thu, 27 Feb 1997 19:25:20 -0800 (PST) From: Doug White <dwhite@gdi.uoregon.edu> To: Burton Sampley <burton@bsampley.vip.best.com> Cc: questions@freebsd.org Subject: Re: 2.1.6R security hole ?'s Message-ID: <Pine.BSI.3.94.970227192306.10074A-100000@localhost> In-Reply-To: <Pine.BSF.3.91.970227153535.409A-100000@bsampley.vip.best.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 27 Feb 1997, Burton Sampley wrote: > I have a stupid question. I recently trashed my hard drive and lost > everything. I was attemping to find out more info on the security hole > which caused 2.1.7 to be issued. What exactly was the problem? I seem > to recall it was something to do with sendmail. If the hole is limited to > sendmail was is it just on the FreeBSD port, or does this hole effect > ALL other OS's running sendmail and which version(s) of sendmail are > effected? Well, there were several things that prompted 2.1.6. The major instigator was a exploit found in the setlocale() function, which affected any program compiled under 2.1.6. Sendmail was an (older) item, as well as a buffer overflow in talkd and a million other small things. Doug White | University of Oregon Internet: dwhite@resnet.uoregon.edu | Residence Networking Assistant http://gladstone.uoregon.edu/~dwhite | Computer Science Major
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.3.94.970227192306.10074A-100000>