Don't you love those assholes who throw the problem out without mentioning it to (available!) developers first.
Just glad Sendmail got a heads up to coordinate the 20 vendors and their patches for that problem. Quoting Randall Gellens ([EMAIL PROTECTED]): > At 7:13 PM -0500 3/11/03, Alan Brown wrote: > > > It is entirely possible that Qualcomm knew about it for months and have > > been unable to reveal it. > > The first I heard of the problem was this morning. > > I've not been able to get a shell, but I have been able to get > Qpopper to crash using the exploit. A fixed Qpopper (version > 4.0.5fc2) is available now at > <ftp://ftp.qualcomm.com/eudora/servers/unix/popper/beta/>. I plan on > releasing 4.0.5 final tomorrow unless I hear of any problems with > 4.0.5fc2.
