Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!helps!bigtex!james From: james@bigtex.cactus.org (James Van Artsdalen) Newsgroups: comp.unix.sysv386 Subject: Re: Esix Rev D. support, potential security hole Keywords: sendmail, Internet worm, unanswered questions, months Message-ID: <49866@bigtex.cactus.org> Date: 16 Nov 90 17:42:54 GMT References: <1990Nov5.180148.1046@ingres.Ingres.COM> <445@beagle.UUCP> <1990Nov14.044234.7615@msuinfo.cl.msu.edu> Reply-To: james@bigtex.cactus.org (James Van Artsdalen) Organization: Institute of Applied Cosmology, Austin TX Lines: 33 In <1990Nov14.044234.7615@msuinfo.cl.msu.edu>, conklin@frith.uucp (Terry Conklin) wrote: > Let's get the security hole out of the way first. ESIX Revision D > 'fails' the security test given in the June issue of Unix/World of > checking for strings in /usr/lib/sendmail's binary. Apparently, ESIX not > only still has the 'debug' id still in their sendmail, but they > also have a questionable string right after, 'wiz.' Sigh. Did you actually manage to break sendmail? Please *test* a hypothesis before accusing someone of something. There's nothing wrong with the debug command. The so-called "debug" hole was actually in recipient.c. The beginner's fix is to remove "debug" - the correct fix is the remove the bug itself! Just removing the "debug" command probably leaves open clever attacks based on the "-bs -d1-99.99" options, or based on the smtp queue. Neither method uses the "debug" command, but both attack the bug. As far as the "wiz" string, that's in the binary if wizard mode is on or off. You get an error message if wizard mode is disabled in the source: /usr3/src/sendmail/src> ./sendmail -bs 220 bigtex.cactus.org Sendmail 5.59/smail2.5/04-14-88 ready at Fri, 16 Nov 90 11:33:55 CST wiz 500 You wascal wabbit! Wandering wizards won't win! quit 221 bigtex.cactus.org closing connection /usr3/src/sendmail/src> -- James R. Van Artsdalen james@bigtex.cactus.org "Live Free or Die" Dell Computer Co 9505 Arboretum Blvd Austin TX 78759 512-338-8789