homepage Welcome to WebmasterWorld Guest from 23.20.61.85
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

    
SendMail Vulnerability
Affects all versions; patched version now available
rogerd

WebmasterWorld Administrator rogerd us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 451 posted 10:03 pm on Mar 3, 2003 (gmt 0)

Just got an alert from SANS.org about a vulnerability in all versions of Sendmail that could allow a hacker root or superuser access when sendmail is running with those privileges.

It looks like Sendmail 8.12.8 now available at Sendmail.org corrects this.

 

hakre

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 451 posted 10:18 pm on Mar 3, 2003 (gmt 0)

thanks a lot. more details are available at iss [iss.net].

bcc1234

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 451 posted 10:30 pm on Mar 3, 2003 (gmt 0)

...In other news today, a new brain patch has been released for all sys admins who run sendmail. It comes in 3 different flavors, blue pill, red pill, and yellow pill - qmail, postfix, and exim respectively. Pregnant women and children under 12 should consult a doctor before taking...

David

10+ Year Member



 
Msg#: 451 posted 10:38 pm on Mar 3, 2003 (gmt 0)

brain patch

or log on and type

up2date -u
RedHat OS Required

hakre

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 451 posted 10:48 pm on Mar 3, 2003 (gmt 0)

yes, after the detailed description it's even possible for me to execute the update script on a redhat server ;)

rogerd

WebmasterWorld Administrator rogerd us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 451 posted 12:25 am on Mar 4, 2003 (gmt 0)

brain patch

Hmmm, might need some of those. It seems like most of the UNIX/LINUX hosts I deal with still run Sendmail.

bcc1234

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 451 posted 4:11 am on Mar 4, 2003 (gmt 0)

Hmmm, might need some of those.

Get the blue pill, my favorite :)

john316

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 451 posted 6:39 pm on Mar 4, 2003 (gmt 0)

After updating sendmail, is it neccesary to restart the machine?

jpjones

10+ Year Member



 
Msg#: 451 posted 6:45 pm on Mar 4, 2003 (gmt 0)

Nope - just restart sendmail.

/etc/rc.d/init.d/sendmail restart

as root

JP

andreasfriedrich

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 451 posted 6:48 pm on Mar 4, 2003 (gmt 0)

Although I admit that configuring Sendmail was great fun when I had enough time on my hands Postfix is just a lot easier to run and a lot more secure ;)

Andreas

martin

10+ Year Member



 
Msg#: 451 posted 11:48 am on Mar 5, 2003 (gmt 0)

Yah, go with the red pill.

bcc1234

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 451 posted 12:35 pm on Mar 5, 2003 (gmt 0)

Yah, go with the red pill.

Well, according to this
[slashdot.org...]
most of us are on pills :)

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved