[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [linux-security] ALERT: remote exploit in sendmail (SuSE)
On Thu, Sep 18, 2003 at 04:32:56PM -0700, Martin Siegert wrote:
> Topic
> =====
> buffer overflow in sendmail permits remote exploit
>
> Problem Description
> ===================
> A bug was found in the prescan() function of unpatched Sendmail
> versions prior to 8.12.10. The sucessful exploitation of this bug can lead
> to heap and stack structure overflows. Although no exploit currently
> exists, this issue is locally exploitable and may also be remotely
> exploitable.
>
> Additionally there exists a potential buffer overflow in ruleset parsing.
> This problem is not exploitable in the default sendmail configuration;
> it is exploitable only if non-standard rulesets recipient (2), final (4),
> or mailer-specific envelope recipients rulesets are used.
>
> Affected Versions
> =================
> sendmail versions prior to 8.12.10
>
> Solution
> ========
> Upgrade to version 8.12.10 or patch version for your distribution
SuSE
----
After performing the update, it is necessary to restart all running
instances of sendmail using the command "rcsendmail restart" as root.
SuSE-7.2
--------
rpm -Fvh sendmail-8.11.3-112.i386.rpm \
sendmail-tls-8.11.3-116.i386.rpm
SuSE-7.3
--------
rpm -Fvh sendmail-8.11.6-167.i386.rpm \
sendmail-tls-8.11.6-169.i386.rpm
SuSE-8.0
--------
rpm -Fvh sendmail-8.12.3-78.i386.rpm \
sendmail-devel-8.12.3-78.i386.rpm
SuSE-8.1
--------
rpm -Fvh sendmail-8.12.6-159.i586.rpm \
sendmail-devel-8.12.6-159.i586.rpm
SuSE-8.2
--------
rpm -Fvh sendmail-8.12.7-77.i586.rpm \
sendmail-devel-8.12.7-77.i586.rpm