Re: [cobalt-security] Sendmail: If you haven't patched it yet..
- Subject: Re: [cobalt-security] Sendmail: If you haven't patched it yet..
- From: "Ian" <cobalt@xxxxxxxxxxxxx>
- Date: Wed, 05 Mar 2003 16:59:52 -0000
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On 5 Mar 2003 at 11:45, DNSAdmin wrote:
> You should be shaking in yer boots! You're gonna get hacked!
>
> http://zdnet.com.com/2100-1105-991041.html
>
> Hackers' code exploits Sendmail flaw
>
> A group of four Polish hackers published code to an open security mailing
> list on Tuesday that can take advantage of a major vulnerability in the
> Sendmail mail server.
>
> Sorry; after reading that, I was sure glad I'm patched!
Hi,
The code they released will only work on certain systems:
> Freebsd 4.4 - (default & self compiled Sendmail 8.11.6) does not crash
> Solaris 8.0 x86 - (default & self compiled Sendmail 8.11.6) does not crash
> Solaris 8.0 sparc - (default & self compiled Sendmail 8.11.6) does not crash
> HP-UX 10.20 - (self compiled Sendmail 8.11.6) does not crash
> IRIX 6.5.14 - (self compiled Sendmail 8.11.6) does not crash
> AIX 4.3 - (binary of Sendmail 8.11.3 from bull.de) does not crash
> RedHat 7.0 - (default Sendmail 8.11.0) does not crash
> RedHat 7.2 - (default Sendmail 8.11.6) does not crash
> RedHat 7.3 (p) - (patched Sendmail 8.11.6) does not crash
> RedHat 7.0 - (self compiled Sendmail 8.11.6) crashes
> RedHat 7.2 - (self compiled Sendmail 8.11.6) crashes
> RedHat 7.3 - (self compiled Sendmail 8.11.6) crashes
> Slackware 8.0 (p) - (patched Sendmail 8.11.6 binary) crashes
> Slackware 8.0 - (self compiled Sendmail 8.12.7) does not crash
> RedHat 7.x - (self compiled Sendmail 8.12.7) does not crash
The ones that say 'crashed' were vulnerable.
They also go on to say:
> IMPACT
>
> Due to the nature of the discussed sendmail vulnerability it seems
> that it is unexploitable on most of commercially available UNIX systems. It
> also doesn't seem to be exploitable on most of the default SMTP
> installations of x86 based open-source systems. This leads to the
> conclusion that the overall impact of the vulnerability is rather limited
> and not so significant as it might be thought.
>
> However, we cannot exclude that there does not exist another execution
> path in the sendmail code, that could lead to the program counter
> overwrite.
The code they submitted was for Slackware 8.0
The original post to Bugtraq (with code) can be found here:
http://www.securityfocus.com/archive/1/313757
Regards
Ian
--