Pyramid's sendmail
Romain Kang
romain at pyramid.pyramid.com
Sat Nov 26 16:40:22 AEST 1988
In article <788 at tness1.UUCP> Greg Hackney writes:
| Meanwhile, the adb fix does not work on my OSx4.1 system, but I was
| able to edit the binary with GNU Emacs, and changed the characters
| "debug" and "wiz" to nulls. This closed the hole with no problems
| noticed.
Using nulls seem to make a plain carriage return turn on debug. Here's
a shell script that uses adb to partly overwrite "debug" with 0xff,
which should be safe, since sendmail strips the high bits before
decoding SMTP commands. It has been tested under OSx 4.4b, and
successfully modifies an OSx 4.1 sendmail binary.
#! /bin/ucb /bin/sh
PATH=/usr/ucb:/bin:/usr/bin
echo "Looking for sendmail \"debug\" command..."
DEBUG=`strings - -o /usr/lib/sendmail | grep debug`
if [ $? -ne 0 ]; then
echo "Your sendmail is safe from the Worm."
exit 0
fi
set $DEBUG
echo "Patching sendmail at location $1"...
cp /usr/lib/sendmail sendmail.new
adb -w sendmail.new << EoF
?m 0 0xffffffff 0
?n"Before:"
0t$1?s
0t$1?5b
?n"Patching..."
"?w 0xffff 0
?n"After:"
"?5b
\$q
EoF
echo ""
echo -n "Do you want to install the fixed binary? (Y|N) [default: N] "
read yorn
case "$yorn" in
Y*|y*) ;;
*) echo "OK, we'll leave it alone for now..."
exit 0
esac
if [ "`whoami`" != "root" ]; then
echo "Please run this again as \"root\"."
exit 1
fi
echo "Looking for sendmail daemon..."
daemon=`ps ax | awk '$5 == "/usr/lib/sendmail" && $6 == "-bd" { print }'`
if [ ! -n "$daemon" ]; then
echo "Can't find a running sendmail daemon, continuing..."
set -x
else
set $daemon
echo "This looks like the daemon:"
ps u$1
echo "Last chance to interrupt before killing sendmail..."
set -x
sleep 10
kill $1
fi
:
: Save old binary
mv /usr/lib/sendmail /usr/lib/sendmail.bak
chmod 0 /usr/lib/sendmail.bak
:
: Installing new
mv sendmail.new /usr/lib/sendmail
chmod 4755 /usr/lib/sendmail
:
: Re-freeze sendmail configuration
/usr/lib/sendmail -bz
:
: Re-start daemon if needed
case "$daemon" in
"") : daemon was not running, we are done
exit 0
;;
*) set $daemon
$5 $6 $7 $8 $9
exit 0
;;
esac
More information about the Comp.sys.pyramid
mailing list