SANS ISC: InfoSec Handlers Diary Blog - Sendmail vuln



Sendmail vuln

Published: 2006-03-23
Last Updated: 2006-03-24 19:22:24 UTC
by Adrien de Beaupre (Version: 2)
Update: The best writeup that we've found for this is http://xforce.iss.net/xforce/alerts/id/216. Also, Sun has released a bulletin here, but they claim that Solaris 8 is unaffected (currently that platform is running sendmail 8.11.7). From reading the other advisories, I believe that this information may be incorrect and that Solaris 8 may be affected since the vulnerability applies to all versions prior to 8.13.6. --Jim Clausing

Update 2: 2006-03-24 19:21 UTC - Sun has updated the advisory and will be providing patches for Solaris 8 as well.  Thank you, Sun.  --JAC


Sendmail has released an advisory for a vulnerability in all versions of sendmail 8 prior to 8.13.6 of this popular MTA. The advisory also covers the commercial versions of products using sendmail.

Advisory: http://www.sendmail.com/company/advisory/
CVE entry: CVE-2006-0058

Impact: the attacker could run arbitrary commands.

Mitigation: upgrade to 8.13.6, apply the patch, or set the RunAsUser option in the configuration file.
This one looks bad.

Sendmail.org

Secunia

Update: as more information becomes available this is starting to look worse.
Patch or upgrade NOW!

Cheers,
Adrien
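
A triage check for the version criterion stated above (sendmail 8 prior to 8.13.6), added here as an example; it is not part of the original diary or of the sendmail advisory. The hostnames and banner lines are constructed, and the check assumes the reported version string reflects the installed code, so `below-fixed` means "verify against the vendor's patch status", not "confirmed vulnerable".

```shell
#!/bin/sh
# Added example: compare a sendmail version string with the fixed release 8.13.6.
FIXED="8.13.6"

# Pull "8.x.y" out of an SMTP greeting ("... Sendmail 8.13.5/8.13.5; ...") or
# out of the "Version 8.x.y" line printed by `sendmail -d0.1 -bv root`.
extract_version() {
    printf '%s\n' "$1" |
        sed -n -e 's/.*[Ss]endmail[ -]\(8\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' \
               -e 's/^ *Version \(8\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p'
}

# Return 0 if three-part version $1 is numerically lower than $2.
# Numeric comparison matters: as strings, "8.9.3" sorts after "8.13.6".
version_lt() {
    old_ifs=$IFS; IFS=.
    set -- $1 $2            # now: a1 a2 a3 b1 b2 b3
    IFS=$old_ifs
    [ "$1" -lt "$4" ] && return 0; [ "$1" -gt "$4" ] && return 1
    [ "$2" -lt "$5" ] && return 0; [ "$2" -gt "$5" ] && return 1
    [ "$3" -lt "$6" ]
}

# Print below-fixed | fixed-or-later | unknown for one banner or version line.
classify() {
    v=$(extract_version "$1")
    if [ -z "$v" ]; then
        echo unknown            # not sendmail 8, or the version is hidden
    elif version_lt "$v" "$FIXED"; then
        echo below-fixed        # upgrade, patch, or confirm a vendor fix
    else
        echo fixed-or-later
    fi
}

# Constructed sample inventory: "host|banner or version line".
report() {
    while IFS='|' read -r host text; do
        printf '%-20s %s\n' "$host" "$(classify "$text")"
    done <<'EOF'
mx1.example.test|220 mx1.example.test ESMTP Sendmail 8.13.5/8.13.5; Thu, 23 Mar 2006 18:00:00 GMT
sol8.example.test|Version 8.11.7
mx2.example.test|220 mx2.example.test ESMTP Sendmail 8.13.6/8.13.6; Thu, 23 Mar 2006 18:00:00 GMT
relay.example.test|220 relay.example.test ESMTP Postfix
EOF
}
report
```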
