søn, 2003-03-30 kl. 18:49 skrev Nico Erfurth:
> Another day, another sendmail exploit.
Thanks Nico.
I take it that this was CERT's VU#897604.
If one follows all the urls given in the CERT advisory and sees the
difficulty /commercial/ Sendmail users have to install patches, the mind
boggles. As it does when reading the list of affected open source
distros.
There's only ever been one possible Exim exploit (v4), as far as I can
remember.
Most if not all other Internet services and very many utilities have had
major vulnerabilities - even those of some of my other heroes - P.V. for
example, who's had many, many times and with a lousy attitude to
restitution.
Amazing. Glad I chose Exim, all those years ago.
Best,
Tony
--
Tony Earnshaw
e-post: tonni@???
www: http://www.billy.demon.nl