SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)

JP Velders jpv at veldersjes.net
Sat Mar 25 12:30:36 UTC 2006


> Date: Thu, 23 Mar 2006 19:28:16 -0600 (CST)
> From: Gadi Evron <ge at linuxbox.org>
> Subject: Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS,
>     Memory Jumps, Integer Overflow) 

> [ ... ]
> No offense Valdis, you know I both like you and consider you a 
> friend, but if you (sendmail) can't take the heat and/or stand up to 
> the task of being International Infrastructure, step down.

> This isn't about processes, it's about something that has been around for
> a while, many reply on and keeps ******* up. Where it simply can't.

What world do you live in were everything is done perfect ? If you 
don't like sendmail because of its history or that it can contains 
flaws, vote with your feet and choose something that you do think can 
be trusted to do a better job, is more secure, is more actively 
developed and is developed more securely then sendmail. [*]

Heck, if I were to have kids one day and would like them to get to 
school safely by car, I'd like to have something short of a tank to be 
absolutely certain. Instead I'll probably make them aware of the 
risks, give them good protection and bicyle helmets... Now if I were a 
head of state or something, I'd probably have people to get me that 
tank... Note the "have people"...

> 	Gadi.

Regards,
JP Velders

[*] it happened with ssh.com versus OpenSSH... (though the
    license played a role, people did vote with their feet)



More information about the NANOG mailing list