[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [linux-security] ALERT: remote root exploit in sendmail (Debian)
On Mon, Mar 03, 2003 at 12:00:47PM -0800, Martin Siegert wrote:
> Topic
> =====
> ALERT: remot root exploit in sendmail
>
> Problem Description
> ===================
> There exists a remotely exploitable vulnerability in sendmail.
> The following is from the CERT advisory on this vulnerability:
> This vulnerability is message-oriented as opposed to connection-oriented.
> That means that the vulnerability is triggered by the contents of a
> specially-crafted email message rather than by lower-level network traffic.
> This is important because an MTA (mail transfer agent) that does not contain
> the vulnerability will pass the malicious message along to other MTAs that
> may be protected at the network level. In other words, vulnerable sendmail
> servers on the interior of a network are still at risk, even if the site's
> border MTA uses software other than sendmail. Also, messages capable of
> exploiting this vulnerability may pass undetected through many common
> packet filters or firewalls.
> This vulnerability has been successfully exploited.
> A successful attack against an unpatched sendmail system will not leave any
> messages in the system log. However, on a patched system, an attempt to
> exploit this vulnerability will leave the following log message:
>
> Dropped invalid comments from header address
>
> Although this does not represent conclusive evidence of an attack, it
> may be useful as an indicator.
>
> A patched sendmail server will drop invalid headers, thus preventing
> downstream servers from receiving them.
>
> It is strongly advised that systems that run a sendmail daemon are
> updated immediately.
>
> Affected Systems
> ================
> systems that run a sendmail daemon with versions earlier than 8.12.8
>
> Solution
> ========
> upgrade to sendmail version 8.12.8 (or patched version for your distribution)
Debian 2.2 (potato)
-------------------
upgrade to sendmail_8.9.3-25_i386.deb
Debian 3.0 (woody)
------------------
upgrade to sendmail_8.12.3-5_i386.deb, libmilter-dev_8.12.3-5_i386.deb