grsecurity forums


https://forums.grsecurity.net./

grsecurity and latest sendmail vulnerability

https://forums.grsecurity.net./viewtopic.php?f=3&t=1438

Page 1 of 1

grsecurity and latest sendmail vulnerability

PostPosted: Fri Mar 24, 2006 5:20 am
by marcin_1
Hi,
does grsecurity protects against exploiting latest sendmail vulnerability?
http://xforce.iss.net/xforce/alerts/id/216
If yes, then what options should be turned on?

Regards.

Re: grsecurity and latest sendmail vulnerability

PostPosted: Sun Mar 26, 2006 11:28 am
by PaX Team
marcin_1 wrote:Hi,
does grsecurity protects against exploiting latest sendmail vulnerability?
http://xforce.iss.net/xforce/alerts/id/216
If yes, then what options should be turned on?
it always depends on the exploit technique used and the answer is always the same: runtime code generation based exploits cannot work, the rest may (with or without having to guess randomization, depending on the nature of the bug, info leaking, whatnot).

PostPosted: Wed Mar 29, 2006 9:58 am
by Platyna
Here is a document about how to check if you are vulnerable:
http://rapturesecurity.org/jack/exploit ... dmail.html
However I would simply recommend you upgrade to newest version.

Regards.
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/