Security mail out Information Page

You can modify your EMAIL subscriptions for security notices on this page http://netwinsite.com/cgi-bin/dnotice.cgi

FAQ on security issues

Recommended versions of CGI's

Robots running as root - Security Note


DMail Security Fault Notice 5 June 2000.

A fault was reported that allows root access to be gained.

We recommend all customers upgrade to

If you cannot find an appropriate build for your operating system email support-dmail@netwinsite.com with details and we will provide a build as soon as possible.

Tehnicial Details

The fault is such that root access can be gained primarily to linux hosts using a web published exploit program.

If you are on Linux, then to find out whether your system has been attacked, do this:
    grep "etrn" /usr/local/dmail/dwatch/*.ded
If that finds any lines dated within the last 3 days, it is likely that your system has been attacked.

The fault could be exploited on other systems in future, so it is essential that you upgrade, even if you are not running linux.

We applogize for this fault and we are not happy that it existed in the first place, but  we believe that the above versions will be immune to all similar attacks. However, we will be investigating further in an attempt to find and remove any other possible exploits.

History of Security Fixes

see Known Bugs Page and Updates Page for further details.