Buffer Overflow in Sendmail
ChiefArcher writes "On the footsteps of OpenSSH, Sendmail 8.12.10 has just been released due to a buffer overflow in address parsing. Sendmail states this is potentially remotely exploitable. No updates on the Sendmail site yet, but the FTP site has the release notes."
That's why you should entrust all your email services to Hotmail.
I'll have to dust off my sendmail sploit-of-the-week card and get them to punch it for me! 12 punches and you get a free MTA!
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
A serious response to the story is too bleak. Ho-hum, upgrade sendmail, patch it, OK.
Comedy is inappropriate. "Is that sendmail dead? No, it's just sleeping. Oh, I could swear it was dead! No, it's just tired, see? Sendmail gottan exploit, sendmail gottan exploit!"
Irony is difficult. To be honest, I can't even be sure which ironic form I would employ in this case. Forget irony.
Sarcasm? "Sendmail, yeah, like we're still using that dinosaur!" What, we are? Dang. Why? "Cause it was there?" What kind of an excuse is that?!
Nihilism... "yes, another day, another exploit. ssh, now sendmail. I can just see the future, one long bitter trail of unpatched software, server after server to upgrade. brain the size of a planet, and here I am, patching sendmail. what's the use, I ask you...?"
Slashdotisms? All your sendmail overlords are 1-2-3 profit to us? Imagine? In Russia? No, no, no.
SCO! SCO! "It's not an exploit, it's a snippet!!!" Worth a try.
Damn you to the deepest depths of hell, Slsadhot edirots, this story has so little karma leverage it hurts.
This is not a signature
> Does Linux have an Auto-update mechanism similar to
> windows that indicates when new patches are available
> for download?
Yup. It's called "slashdot".
If you can edit a
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
I agree and am migrating to Exchange as I type this. Hopefully it and Outlook will be more secure for my users.
'Same speed C but faster'
What?? You don't trust software compiled by flying butt monkeys?
Who are those Slashdot people? They swept over like Mongol-Tartars.
Bernstein managed to suck out the brain of many people?