Trilight Zone Forum Index Trilight Zone
Privacy & Anonymity is our speciality !
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Sendmail

 
Post new topic   Reply to topic    Trilight Zone Forum Index -> Security
Author Message
thedark
Second Lieutenant


Joined: 30 Jul 2005
Posts: 1074

PostPosted: Thu Aug 04, 2005 12:13 am    Post subject: Sendmail Reply with quote
A vulnerability was discovered by zen-parse and Pedram Amini in the sendmail MTA. They found two ways to exploit smrsh, an application intended as a replacement for the sh shell for use with sendmail; the first by inserting specially formatted commands in the ~/.forward file and secondly by calling smrsh directly with special options. These can be exploited to give users with no shell account, or those not permitted to execute certain programs or commands, the ability to bypass these restrictions.

http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2002-1165
Back to top
Display posts from previous:   
Post new topic   Reply to topic    Trilight Zone Forum Index -> Security All times are GMT
Page 1 of 1

 


Powered by phpBB © 2001, 2005 phpBB Group