On Thu, Mar 30, 2006 at 05:08:11PM -0700, Peter Valchev wrote:
A race condition exists in sendmail's handling of asynchronous signals.
A remote attacker may be able to execute arbitrary source code with the
privileges of the user running sendmail, typically root.
Excuse my question - I don't
Oliver Peter wrote:
A race condition exists in sendmail's handling of asynchronous signals.
A remote attacker may be able to execute arbitrary source code with the
privileges of the user running sendmail, typically root.
Excuse my question - I don't want to attack our loved project but does
On Fri, Mar 31, 2006 at 05:20:45PM +0200, Oliver Peter wrote:
| On Thu, Mar 30, 2006 at 05:08:11PM -0700, Peter Valchev wrote:
| A race condition exists in sendmail's handling of asynchronous signals.
| A remote attacker may be able to execute arbitrary source code with the
| privileges of the
Oliver Peter wrote:
On Thu, Mar 30, 2006 at 05:08:11PM -0700, Peter Valchev wrote:
A race condition exists in sendmail's handling of asynchronous signals.
A remote attacker may be able to execute arbitrary source code with the
privileges of the user running sendmail, typically root.
does that mean that we've got a second remote hole? Don't kick my ass.
AFAIK, even if this is a remote hole in sendmail, OpenBSD exploits
mitigation techniques makes this hole hardly (if even possible) exploitable
in OpenBSD. Am I right? Although this is an integer overflow, not buffer
5 matches
Mail list logo