North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)
On Sat, 25 Mar 2006 18:00:41 +0200, Gadi Evron said: > There are two exploit code samples I saw. There are two remote exploits > for one of them so far that are public that I know of. There's exploits for the race condition. I was *specifically* talking about the integer overflow, which looks pretty damned hard to exploit unless the victim site deliberately recompiled their sendmail binary with a very sub-optimum configuration. But then, you'd know that if you either actually *looked* at what I wrote, or looked at the diff of the 8.13.[56] trees. Attachment:
pgp00029.pgp
|