[linux-security] ALERT: remote exploit in sendmail
- To: linux-security
- Subject: [linux-security] ALERT: remote exploit in sendmail
- From: Martin Siegert <siegert@sfu.ca>
- Date: Thu, 18 Sep 2003 16:32:56 -0700
- User-Agent: Mutt/1.4.1i
Topic
=====
buffer overflow in sendmail permits remote exploit
Problem Description
===================
A bug was found in the prescan() function of unpatched Sendmail
versions prior to 8.12.10. The successful exploitation of this bug can lead
to heap and stack structure overflows. Although no exploit currently
exists, this issue is locally exploitable and may also be remotely
exploitable.
Additionally there exists a potential buffer overflow in ruleset parsing.
This problem is not exploitable in the default sendmail configuration;
it is exploitable only if non-standard recipient (2), final (4), or
mailer-specific envelope recipient rulesets are used.
Affected Versions
=================
sendmail versions prior to 8.12.10
Solution
========
Upgrade to version 8.12.10, or to the patched package version for your distribution:
RedHat 7.1
----------
rpm -Fvh sendmail-8.11.6-27.71.i386.rpm \
sendmail-doc-8.11.6-27.71.i386.rpm \
sendmail-devel-8.11.6-27.71.i386.rpm \
sendmail-cf-8.11.6-27.71.i386.rpm
RedHat 7.2
----------
rpm -Fvh sendmail-8.11.6-27.72.i386.rpm \
sendmail-doc-8.11.6-27.72.i386.rpm \
sendmail-devel-8.11.6-27.72.i386.rpm \
sendmail-cf-8.11.6-27.72.i386.rpm
RedHat 7.3
----------
rpm -Fvh sendmail-8.11.6-27.73.i386.rpm \
sendmail-doc-8.11.6-27.73.i386.rpm \
sendmail-devel-8.11.6-27.73.i386.rpm \
sendmail-cf-8.11.6-27.73.i386.rpm
RedHat 8.0
----------
rpm -Fvh sendmail-8.12.8-9.80.i386.rpm \
sendmail-doc-8.12.8-9.80.i386.rpm \
sendmail-devel-8.12.8-9.80.i386.rpm \
sendmail-cf-8.12.8-9.80.i386.rpm
RedHat 9
--------
rpm -Fvh sendmail-8.12.8-9.90.i386.rpm \
sendmail-doc-8.12.8-9.90.i386.rpm \
sendmail-devel-8.12.8-9.90.i386.rpm \
sendmail-cf-8.12.8-9.90.i386.rpm
Debian 3.0 (woody)
------------------
upgrade to sendmail_8.12.3-6.6_i386.deb,
sendmail-wide_8.12.3+3.5Wbeta-5.5_i386.deb,
libmilter-dev_8.12.3-6.6_i386.deb
Mandrake 8.2
------------
rpm -Fvh sendmail-8.12.1-4.5mdk.i586.rpm \
sendmail-cf-8.12.1-4.5mdk.i586.rpm \
sendmail-devel-8.12.1-4.5mdk.i586.rpm \
sendmail-doc-8.12.1-4.5mdk.i586.rpm
Mandrake 9.0
------------
rpm -Fvh sendmail-8.12.6-3.5mdk.i586.rpm \
sendmail-cf-8.12.6-3.5mdk.i586.rpm \
sendmail-devel-8.12.6-3.5mdk.i586.rpm \
sendmail-doc-8.12.6-3.5mdk.i586.rpm
Mandrake 9.1
------------
rpm -Fvh sendmail-8.12.9-1.2mdk.i586.rpm \
sendmail-cf-8.12.9-1.2mdk.i586.rpm \
sendmail-devel-8.12.9-1.2mdk.i586.rpm \
sendmail-doc-8.12.9-1.2mdk.i586.rpm
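As an added example (not part of the original advisory), the following POSIX sh
script decides whether an installed sendmail package is still affected, using
the upstream fix version and the distribution package releases listed above.
The distro keys (redhat-7.1 etc.) and function names are this example's own,
and the rpm/dpkg-query lookups assume those tools are present.

```shell
# Added example, not from the advisory. Upstream is fixed in 8.12.10; the distro
# packages above carry backported fixes, so they are compared by version-release.

# Fixed version-release strings copied from the advisory's Solution section
# (the distro keys in the first column are labels chosen for this example).
FIXED_PACKAGES="
redhat-7.1   8.11.6-27.71
redhat-7.2   8.11.6-27.72
redhat-7.3   8.11.6-27.73
redhat-8.0   8.12.8-9.80
redhat-9     8.12.8-9.90
debian-3.0   8.12.3-6.6
mandrake-8.2 8.12.1-4.5mdk
mandrake-9.0 8.12.6-3.5mdk
mandrake-9.1 8.12.9-1.2mdk
"

# Compare two version strings numerically field by field (any non-digit run is
# a separator, so "8.12.1-4.5mdk" becomes 8 12 1 4 5). Prints -1, 0 or 1.
vercmp() {
    a=$(printf '%s' "$1" | tr -c '[:digit:]' ' ')
    b=$(printf '%s' "$2" | tr -c '[:digit:]' ' ')
    while [ -n "$a" ] || [ -n "$b" ]; do
        set -- $a; x=${1:-0}; if [ $# -gt 0 ]; then shift; fi; a=$*
        set -- $b; y=${1:-0}; if [ $# -gt 0 ]; then shift; fi; b=$*
        if [ "$x" -lt "$y" ]; then printf '%s\n' -1; return; fi
        if [ "$x" -gt "$y" ]; then printf '%s\n' 1; return; fi
    done
    printf '%s\n' 0
}

# Exit status 0 if version-release $1 is fixed, 1 if still affected. $2 is an
# optional distro key from FIXED_PACKAGES; without it only the upstream fix counts.
sendmail_fixed() {
    if [ "$(vercmp "$1" 8.12.10)" -ge 0 ]; then return 0; fi
    fixed=$(printf '%s\n' "$FIXED_PACKAGES" | awk -v d="${2:-}" 'NF == 2 && $1 == d { print $2 }')
    if [ -n "$fixed" ] && [ "$(vercmp "$1" "$fixed")" -ge 0 ]; then return 0; fi
    return 1
}

# Read the installed version-release from rpm or dpkg, whichever is present.
installed_sendmail_version() {
    if command -v rpm >/dev/null 2>&1; then
        rpm -q --queryformat '%{VERSION}-%{RELEASE}\n' sendmail
    elif command -v dpkg-query >/dev/null 2>&1; then
        dpkg-query -W -f='${Version}\n' sendmail
    fi
}
```

A typical call is `sendmail_fixed "$(installed_sendmail_version)" redhat-7.3 || echo "sendmail still affected"`; note that a plain string comparison would wrongly rank 8.12.9 above 8.12.10, which is why the fields are compared numerically.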