Re: Crackers and Worms


Arnold D. Robbins {EUCC} (emory!arnold@gatech.edu)
10 Nov 88 17:42:08 GMT


In article <44440@beno.seismo.CSS.GOV> rick@seismo.CSS.GOV (Rick Adams) writes:
>I have not been able to find ONE person who claims to
>have known that sendmail compiled with DEBUG on would have allowed
>anyone with SMTP access to run an arbitrary program on their machine.

Didn't Paul Vixie say he knew it? If not, I apologize in advance.

>The fact that you can run an arbitrary program is such an obvious
>security hole that I can't believe anyone wouldn't report it if they knew.

The bug is actually in the sendmail.cf file; we are running a sendmail.cf
file written from scratch, and our vax systems, even though they had
debug compiled in, did not accept the To: address used to run commands.
So, we did not get hit, although we're just one hop up SURAnet from GaTech.

--
Arnold Robbins -- Emory	University Computing Center
DOMAIN:	arnold@unix.cc.emory.edu (finally!)
UUCP:	{ decvax, gatech, skeeve }!emory!arnold		BITNET:	UUCP:	{ decvax, gatech, skeeve }!emory!arnold		BITNET:	arnold@emoryu1
PHONE:	+1 404 727-7636



This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:44:30 GMT