Davide Libenzi wrote:
>On Wed, 12 Oct 2005, Davide Libenzi wrote: > > > >>There is a possible buffer overflow vulnerability in all versions of XMail >>previous to 1.22. This does not affect the server itself, but the XMail's >>sendmail binary. Since many runs the XMail's sendmail as suid root, the >>issue can be critical, even if not easily exploitable w/out knowing the >>server setup. I'd suggest everyone to update to 1.22 ASAP: >> >> > >Side note if it wasn't clear. Even the Windows XMail's sendmail is >affected ... > > > > Will replacing sendmail.exe be enough? What are the changes to the server itself, if any? - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
