homepage Welcome to WebmasterWorld Guest from 107.21.163.227
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Subscribe to WebmasterWorld

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

    
SendMail Vulnerability
Affects all versions; patched version now available
rogerd




msg:907844
 10:03 pm on Mar 3, 2003 (gmt 0)

Just got an alert from SANS.org about a vulnerability in all versions of Sendmail that could allow a hacker root or superuser access when sendmail is running with those privileges.

It looks like Sendmail 8.12.8 now available at Sendmail.org corrects this.

 

hakre




msg:907845
 10:18 pm on Mar 3, 2003 (gmt 0)

thanks a lot. more details are available at iss [iss.net].

bcc1234




msg:907846
 10:30 pm on Mar 3, 2003 (gmt 0)

...In other news today, a new brain patch has been released for all sys admins who run sendmail. It comes in 3 different flavors, blue pill, red pill, and yellow pill - qmail, postfix, and exim respectively. Pregnant women and children under 12 should consult a doctor before taking...

David




msg:907847
 10:38 pm on Mar 3, 2003 (gmt 0)

brain patch

or log on and type

up2date -u
RedHat OS Required

hakre




msg:907848
 10:48 pm on Mar 3, 2003 (gmt 0)

yes, after the detailed description it's even possible for me to execute the update script on a redhat server ;)

rogerd




msg:907849
 12:25 am on Mar 4, 2003 (gmt 0)

brain patch

Hmmm, might need some of those. It seems like most of the UNIX/LINUX hosts I deal with still run Sendmail.

bcc1234




msg:907850
 4:11 am on Mar 4, 2003 (gmt 0)

Hmmm, might need some of those.

Get the blue pill, my favorite :)

john316




msg:907851
 6:39 pm on Mar 4, 2003 (gmt 0)

After updating sendmail, is it neccesary to restart the machine?

jpjones




msg:907852
 6:45 pm on Mar 4, 2003 (gmt 0)

Nope - just restart sendmail.

/etc/rc.d/init.d/sendmail restart

as root

JP

andreasfriedrich




msg:907853
 6:48 pm on Mar 4, 2003 (gmt 0)

Although I admit that configuring Sendmail was great fun when I had enough time on my hands Postfix is just a lot easier to run and a lot more secure ;)

Andreas

martin




msg:907854
 11:48 am on Mar 5, 2003 (gmt 0)

Yah, go with the red pill.

bcc1234




msg:907855
 12:35 pm on Mar 5, 2003 (gmt 0)

Yah, go with the red pill.

Well, according to this
[slashdot.org...]
most of us are on pills :)

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About
© Webmaster World 1996-2014 all rights reserved