Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: Mike Scheuing on March 04, 2003, 03:47:33 PM

Title: Security: ISS Discovers A Remote Hole In Sendmail
Post by: Mike Scheuing on March 04, 2003, 03:47:33 PM

Is SME 5.6 vulnerable? The story is running on Slashdot.

http://slashdot.org/articles/03/03/03/198255.shtml?tid=126&tid=95&tid=172

For the future, how does one submit a security alert to the development team for their review? Are posts like this even necessary or can we assume they are already working on it? I am not sure where to look to see what security issues are being dealt with...

Thanks
Mike

Title: Re: Security: ISS Discovers A Remote Hole In Sendmail
Post by: Dan Brown on March 04, 2003, 03:49:29 PM

1.  SME doesn't use sendmail, and never has, for exactly this reason.

2.  smesecurity@mitel.com.