module
Morris Worm sendmail Debug Mode Shell Escape
| Disclosed |
|---|
| Nov 2, 1988 |
Disclosed
Nov 2, 1988
Description
This module exploits sendmail's well-known historical debug mode to
escape to a shell and execute commands in the SMTP RCPT TO command.
This vulnerability was exploited by the Morris worm in 1988-11-02.
Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg.
Currently, only cmd/unix/reverse and cmd/unix/generic are supported.
escape to a shell and execute commands in the SMTP RCPT TO command.
This vulnerability was exploited by the Morris worm in 1988-11-02.
Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg.
Currently, only cmd/unix/reverse and cmd/unix/generic are supported.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.