Path: utzoo!attcan!uunet!ncrlnk!ncrcae!hubcap!gatech!rutgers!apple!voder!pyramid!romain
From: romain@pyramid.pyramid.com (Romain Kang)
Newsgroups: comp.sys.pyramid
Subject: Re: Pyramid's sendmail
Message-ID: <46784@pyramid.pyramid.com>
Date: 11 Nov 88 17:41:27 GMT
References: <424@merkin.cactus.org>
Reply-To: romain@pyramid.UUCP (Romain Kang)
Organization: Pyramid Technology Corp., Mountain View, CA
Lines: 12

In article <424@merkin.cactus.org> hack@merkin.cactus.org (Greg Hackney) writes:
| Is the sendmail program distributed with OSx 4.1 vulnerable
| to the recent Internet 'virus', if so, recommendations?

Yes.  The same bug/feature that allowed the worm to spread through SMTP
is present in all stock OSx releases.  You can get a PTF from RTOC to
close this hole, as well as related security fixes.

If you're in a hurry, the adb patch that came through
comp.bugs.4bsd.ucb-fixes will work, as long as you use "ucb strings - -o"
instead of just "ucb strings -o".  (In OSx 4.1 and later, the SMTP
command table is kept in read-only (text) space.)