North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS,Memory Jumps, Integer Overflow)
Steven M. Bellovin wrote:
There are two exploit code samples I saw. There are two remote exploits for one of them so far that are public that I know of.On Sat, 25 Mar 2006 04:39:11 +0200, Gadi Evron <firstname.lastname@example.org> wrote:Valdis.Kletnieks@vt.edu wrote:Well, it *is* mostly a theoretical overflow - for it to work, a site would have to:Exploit is out there. How long did that take?Is the exploit actually effective in the wild? The conditions Valdis spoke of are improbable -- are there actually vulnerable sites? Or is the attack much easier than he had indicated?
I haven't seen any exploited sites yet.