Re: Sendmail bug to flaw: should I file another bug report?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2006-08-30 at 11:24 -0500, Gilbert Sebenste wrote:
> >
> > CVE-2006-4434 ignore (sendmail, fixed 8.13.8) not exploitable
> >
> > The CVE says:
> >
> > Official Statement from Red Hat (8/30/2006)
> > This flaw causes a crash but does not result in a denial of service
> > against Sendmail and is therefore not a security issue.
> 
> Causing a crash from remotely is NOT a security issue? Someone explain 
> that to me, please...

I think this means a crash of a child sendmail process handling the
connection that causes the crash.  That shouldn't affect anything else.

-- 
  Les Mikesell
   lesmikesell@xxxxxxxxx



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux