> The hackers are already furiously working on this. Meanwhile, I have a
> multi-billion dollar company thats potentially vulnerable and I don't
> have enough real information to be able to decide on a reasonable
> response. I'm not running a standard sendmail, no one will tell me
> what the bug is so I can check if I'm vulnerable, I can't go out and
> use the patched Sun sendmail because I don't run it, etc.
I heard this through the grapevine, so take it with a grain of salt.
This bug supposedly exploits the sync account with /bin/sync as a shell.
Change the shell to /bin/none.
That's all I've heard, and it's certainly not gospel. If anyone has any
more info, please email me.