NetBSD sendmail(8) local root compromise

September 7, 2001

Author: JT Smith

From Net-Security.org: “Certain variables were treated as signed values, but
should have been unsigned. Bounds checking was not done
when incrementing an index.

Combined with supplied command-line arguments, a local
user could exploit the setuid-root sendmail binary and the
lack of bounds checking to perform a root compromise.”

Category:

Linux

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Linux 6.8 Brings More Sound Hardware Support For Intel & AMD, Including The Steam Deck

RELATED ARTICLES MORE FROM AUTHOR