[plug] [RANT] Sendmail bug - c'mon people!

Gavin Rogers grogers at vk6hgr.echidna.id.au
Wed Mar 5 23:59:48 WST 2003


Hiyas.

Sorry for the rant but I've just got the results from a little script I've 
been running today at work and at home on the mail server. It records the 
sendmail version as reported in the header.

Out of the 98 servers we were emailed from, 56 were running sendmail of 
some sort. (or a config that showed the fact in the header).

One. ONE! Was running the 'safe' version - 8.12.8.  ONE?!?

If your linux system runs sendmail, upgrade! It's not optional!

(or use something better, like exim. hehe)

Maybe I've overstated the seriousness of a root exploit in the world's most 
used mail transfer program or something... Okay, Let the flames come forth :-)

Gavin.

---
Amateur radio station VK6HGR
http://vk6hgr.ampr.org/

Email : grogers at vk6hgr.echidna.id.au
Ampr  : grogers at vk6hgr.ampr.org
Packet: vk6hgr at vk6hgr.#per.#wa.aus.oc



More information about the plug mailing list