[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: about sendmail 8.8.8 HELO hole

To: BUGTRAQ@NETSPACE.ORG
Subject: Re: about sendmail 8.8.8 HELO hole
From: Zach White <zach@MAILHOST.CLIPPER.NET>
Date: Tue, 26 May 1998 22:17:34 -0700
Approved-By: aleph1@NATIONWIDE.NET
In-Reply-To: <Pine.LNX.3.96.980522121734.11307A-100000@pns.netbg.com> from Valentin Pavlov at "May 22, 98 12:36:54 pm"
Reply-To: Zach White <zach@MAILHOST.CLIPPER.NET>
Sender: Bugtraq List <BUGTRAQ@NETSPACE.ORG>

Valentin Pavlov wrote:
> -----Original Message-----
> From: Michał Zalewski <lcamtuf@boss.staszic.waw.pl>
> To: info@rootshell.com <info@rootshell.com>
> Date: 10 stycznia 1998 12:28
> Subject: Sendmail 8.8.8 (qmail?) HELO hole.
>
>
> Here's a brief description of Sendmail (qmail) hole I found
> recently:
>
> When someone mailbombs you, or tries to send fakemail, spam, etc -
> sendmail normally attachs sender's host name and it's address
> to outgoing message:
*snip*

I just checked qmail to see if it was vunerable, and qmail 1.02 is
safe because it displays the host before the helo string (It also
displayed the complete helo string, about 2000 characters). Another
exploit in sendmail and still none for qmail. ;)

--
***** Zach White [/\] ClipperNet Internet Access Services *****
***** Finger zach@mailhost.clipper.net for public PGP key *****

References:
- about sendmail 8.8.8 HELO hole
  - From: Valentin Pavlov <root@PNS.NETBG.COM>

Prev by Date: Windows95/98(?) Screensavers
Next by Date: Problem with ascend pipeline routers.
Prev by thread: about sendmail 8.8.8 HELO hole
Next by thread: MS Exchange vulnerable. (was: about sendmail 8.8.8 HELO hole)
Index(es):
- Date
- Thread