sendmail
Pawel Krawczyk
kravietz at ceti.com.pl
Wed Nov 4 14:29:04 CET 1998
Dzis w nocy ktos puscil na bugtraq zrodlo programiku smad.c:
/*
* smad.c - sendmail accept dos -
*
* Salvatore Sanfilippo [AntireZ]
* Intesis SECURITY LAB Phone: +39-2-671563.1
* Via Settembrini, 35 Fax: +39-2-66981953
* I-20124 Milano ITALY Email: antirez at seclab.com
* md5330 at mclink.it
*
* compile it under Linux with gcc -Wall -o smad smad.c
*
* usage: smad fakeaddr victim [port]
*/
Jesli jeszcze tego nie zrobiliscie, to zapatchujcie sendmaila. Okolice
linijki 316 w daemon.c powinny wygladac nastepujaco:
t = accept(DaemonSocket,
(struct sockaddr *)&RealHostAddr, &lotherend);
if (t >= 0 || (errno != EINTR && errno != ENETUNREACH &&
errno != EHOSTUNREACH))
break;
--
Pawel Krawczyk, CETI internet, Krakow. http://www.ceti.com.pl/
More information about the pld-devel-pl
mailing list