LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Not many, but look at severity

Not many, but look at severity

Posted Mar 23, 2006 16:50 UTC (Thu) by rfunk (subscriber, #4054)
In reply to: A serious sendmail security hole by mjcox@redhat.com
Parent article: A serious sendmail security hole

I agree that there aren't many vulnerabilities in any MTAs these days. But it only takes one remote root to ruin your week.

Vulnerabilities fixed in sendmail: 1 critical Vulnerabilities fixed in postfix: 1 low

It's striking to me that even after sendmail fixed some architecture problems with 8.12, there have been multiple remote root holes discovered, while the better-architected postfix and qmail have never had any remote root holes discovered in that same amount of time -- or ever, to my knowledge.

Vulnerabilities fixed in exim: 3 moderate

Meanwhile, exim gets by with an architecture similar to sendmail's, but starts with better code, and the results seem to show the compromise.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds