SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)
Steven M. Bellovin
smb at cs.columbia.edu
Sat Mar 25 05:57:31 UTC 2006
On Sat, 25 Mar 2006 04:39:11 +0200, Gadi Evron <ge at linuxbox.org> wrote:
>
> Valdis.Kletnieks at vt.edu wrote:
> > Well, it *is* mostly a theoretical overflow - for it to work, a site would have to:
>
> Exploit is out there. How long did that take?
>
Is the exploit actually effective in the wild? The conditions Valdis
spoke of are improbable -- are there actually vulnerable sites? Or is
the attack much easier than he had indicated?
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
More information about the NANOG
mailing list