[comp.mail.sendmail] sendmail worm

jac@doc.ic.ac.uk (Jim Crammond) (11/07/88)

You may have heard of a virus that has attacked arpanet over the weekend.

I believe this is in fact a "worm" that exploits a hole in bsd4.3 related
sendmail which has been compiled with the debug option.

For details I suggest you read the RISKS digest V7 Issues 69 and 70.

A note for Sun users: the standard sendmail binary is not compiled with
the debug code and therefore is safe from this attack.

-Jim.

Andy.Linton@newcastle.ac.uk (Andy Linton) (11/07/88)

Every Sun (OS3.n and OS 4.0) we have had the debug option compiled in until
this morning.  People should check this out on each of their systems. 

Are Sun listening to all this? Will they supply a new binary for people
without sources?
--
Andy Linton		ARPA  = Andy.Linton@newcastle.ac.uk
"The Postmaster"	UUCP  =	...!ukc!newcastle.ac.uk!Andy.Linton
			PHONE =	+44 91 222 7784

sjl@ukc.ac.uk (S.J.Leviseur) (11/07/88)

| Are Sun listening to all this? Will they supply a new binary for people
| without sources?

More interestingly, did they get hit by the virus? They are one of the
few UK site who could have as far as I can see.

	sean

syngen@ux.rfhsm.lon.ac.uk (Syngen Brown) (11/07/88)

+ 
+  Are Sun listening to all this? Will they supply a new binary for people
+  without sources?
+ 

Whilst we have BSD sendmail sources on site, we don't have Sun sources:
Could someone briefly outline any differences between standard BSD and
Sun sendmail that should be considered if regenerating from those
sources?

-Syngen