On Wed, 12 Oct 2005, Davide Libenzi wrote: > There is a possible buffer overflow vulnerability in all versions of XMail > previous to 1.22. This does not affect the server itself, but the XMail's > sendmail binary. Since many runs the XMail's sendmail as suid root, the > issue can be critical, even if not easily exploitable w/out knowing the > server setup. I'd suggest everyone to update to 1.22 ASAP:
Side note if it wasn't clear. Even the Windows XMail's sendmail is affected ... - Davide - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
