Author: JT Smith
From Net-Security.org: “Certain variables were treated as signed values, but
should have been unsigned. Bounds checking was not done
when incrementing an index.
should have been unsigned. Bounds checking was not done
when incrementing an index.
Combined with supplied command-line arguments, a local
user could exploit the setuid-root sendmail binary and the
lack of bounds checking to perform a root compromise.”
Category:
- Linux