Re: [cobalt-security] Remote Sendmail Header Processing Vulnerability
- Subject: Re: [cobalt-security] Remote Sendmail Header Processing Vulnerability
- From: Jay Summers <jay@xxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 5 Mar 2003 09:29:11 -0600
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Tuesday, March 4, 2003, at 07:53 PM, CDNS Administration wrote:

> I too would echo the question, any plans for anyone making a .pkg for
> the Raq2?

There's already a fix for the Raq2. It was posted by Harald on this
very thread.

I wouldn't suggest you wait for someone to roll up a package:

A. Because of the severity of the exploit.
B. Because it's relatively easy to fix.
C. Because Sun won't release a fix till a month from now.

Here are cut-and-paste instructions. I provide no warranty, use at your
own risk, YMMV, yada, yada, yada.

SSH into your server.
# su -
# enter admin password
[root root]# cd /home
[root home]# wget http://www.knet.at/~hk/raq2/sendmail
[root home]# mv sendmail /usr/sbin/sendmail.new
[root home]# cd /usr/sbin
[root sbin]# cp sendmail sendmail.orig
[root sbin]# chgrp mail sendmail.new
[root sbin]# chmod 555 sendmail.new
[root sbin]# chmod u+s sendmail.new
Check permissions on the new sendmail.
[root sbin]# ls -la sendmail*
-r-sr-xr-x 1 root mail 530172 Mar 4 09:19 sendmail
-r-sr-xr-x 1 root root 737374 Mar 4 09:17 sendmail.new
-r-sr-xr-x 1 root root 737374 Mar 4 09:17 sendmail.orig
[root sbin]# mv sendmail.new sendmail
[root sbin]# /etc/rc.d/init.d/sendmail stop
[root sbin]# /etc/rc.d/init.d/sendmail start
-> check yourself by telnetting to it on port 25
e.g.
telnet localhost 25
(then type "quit")
It will tell you what version of sendmail is running.
HTH,
j
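
The procedure above installs a setuid-root binary fetched over plain HTTP, so two checks are worth running before the final `mv`: that the download matches a digest published by whoever built it, and that its mode, owner and group match the binary it replaces. The following is an added example, not part of the original post; it assumes GNU coreutils (`stat -c`, `sha256sum`), the function names are hypothetical, and the expected digest is a placeholder because the post gives none.

```shell
#!/bin/sh
# Added example: pre-swap checks for a replacement setuid binary.
# Assumes GNU coreutils; function names are hypothetical.

# attrs FILE -> "octal-mode owner group", e.g. "4555 root mail"
attrs() {
    stat -c '%a %U %G' "$1"
}

# verify_digest FILE EXPECTED_SHA256 -> 0 if the file's digest matches
verify_digest() {
    actual=$(sha256sum "$1" | awk '{print $1}')
    [ "$actual" = "$2" ]
}

# safe_to_swap OLD NEW EXPECTED_SHA256
# Returns 0 only if NEW has the expected digest and the same
# mode (including the setuid bit), owner and group as OLD.
# Returns 1 on digest mismatch, 2 on attribute mismatch.
safe_to_swap() {
    old=$1
    new=$2
    want=$3
    if ! verify_digest "$new" "$want"; then
        echo "digest mismatch for $new" >&2
        return 1
    fi
    if [ "$(attrs "$old")" != "$(attrs "$new")" ]; then
        echo "attribute mismatch:" >&2
        echo "  $old: $(attrs "$old")" >&2
        echo "  $new: $(attrs "$new")" >&2
        return 2
    fi
    return 0
}

# Usage, run from /usr/sbin before the final mv
# (PLACEHOLDER_SHA256 stands for a digest obtained from the builder):
#   safe_to_swap sendmail sendmail.new PLACEHOLDER_SHA256 \
#       && mv sendmail.new sendmail
```

A return code of 2 means `ls -la` would show differing owner, group or mode columns for the two files, which should be corrected with `chown`, `chgrp` or `chmod` before the swap.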