Sendmail bug to flaw: should I file another bug report?
Gilbert Sebenste
sebenste at weather3.admin.niu.edu
Wed Aug 30 16:24:09 UTC 2006
On Wed, 30 Aug 2006, Jason L Tibbitts III wrote:
> The current security audit says:
>
> CVE-2006-4434 ignore (sendmail, fixed 8.13.8) not exploitable
>
> The CVE says:
>
> Official Statement from Red Hat (8/30/2006)
> This flaw causes a crash but does not result in a denial of service
> against Sendmail and is therefore not a security issue.
Causing a crash from remotely is NOT a security issue? Someone explain
that to me, please...
*******************************************************************************
Gilbert Sebenste ********
(My opinions only!) ******
*******************************************************************************
More information about the fedora-list
mailing list