procmail
[Top] [All Lists]

Security hole in sendmail 8.8

1998-06-14 22:29:56
Somebody's starting to exploit a hole in sendmail 8.8, where
giving a HELO longer than 1024 bytes causes buffer overflow,
and all following "Received:" headers are lost.  If it's done
off a relay, we have no clue who sent it.  There may be a
more elegant solution, but here's a quick-n-dirty procmail
filter for this stunt.

#
# Note: The 5 lines of dots starting with "*  ^Received:"
# should be one long continuous line of dots.
#
:0:
*  ^Received:..................................................
...............................................................
...............................................................
...............................................................
...............................................................
| formail -A "X-Reject: Using security hole in sendmail 8.8"
junkmail

-- 
Walter Dnes (Toronto)
<waltdnes(_at_)interlog(_dot_)com>

<Prev in Thread] Current Thread [Next in Thread>
  • Security hole in sendmail 8.8, Walter Dnes <=