Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Attack signature of new sendmail vulnerability

On Tue, 4 Mar 2003 12:29:09 -0500
"Bill Horne" <bill at> wrote:

> From:
> "A successful attack against an unpatched sendmail system will not
> leave any messages in the system log. However, on a patched system, an
> attempt to exploit this vulnerability will leave the following log
> message:
>   'Dropped invalid comments from header address'"
> The advisory doesn't say which log this message would be found in.
Thanks. I just checked my online update and SuSE has patch up to version
8.12.6-91, which is a patch that fixes this. 
Jerry Feldman <gaf at>
Boston Linux and Unix user group PGP key id:C5061EA9
PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <>

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /