--- Les Mikesell lesmikesell@gmail.com wrote:
On Wed, 2006-04-12 at 12:29, Mike Stankovic wrote:
The recent sendmail security update allows a remote root exploit !!
*If* sendmail is running as root and you can time your exploit to hit while it is executing a setjmp() instruction which sounds kind of theoretical to me. But your point about staying current with updates is absolutely correct.
From February 15th 2005 through February 14th 2006 the
list at http://www.redhat.com/magazine/017mar06/features/riskreport/ outlines them in greater detail. (Note there have been other risks since February 15th 2006)
__________________________________________________ Improve the mailing list by performing a simple search before posting and reading the FAQ/etiquette. Protect the integrity of your installation with the yum plugins.
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com