On 5 Mar 2003 at 11:45, DNSAdmin wrote: > You should be shaking in yer boots! You're gonna get hacked! > > http://zdnet.com.com/2100-1105-991041.html > > Hackers' code exploits Sendmail flaw > > A group of four Polish hackers published code to an open security mailing > list on Tuesday that can take advantage of a major vulnerability in the > Sendmail mail server. > > Sorry; after reading that, I was sure glad I'm patched!
Hi, The code they released will only work on certain systems: > Freebsd 4.4 - (default & self compiled Sendmail 8.11.6) does not > crash Solaris 8.0 x86 - (default & self compiled Sendmail 8.11.6) > does not crash Solaris 8.0 sparc - (default & self compiled Sendmail > 8.11.6) does not crash HP-UX 10.20 - (self compiled Sendmail > 8.11.6) does not crash IRIX 6.5.14 - (self compiled > Sendmail 8.11.6) does not crash AIX 4.3 - (binary of > Sendmail 8.11.3 from bull.de) does not crash RedHat 7.0 - > (default Sendmail 8.11.0) does not crash RedHat 7.2 > - (default Sendmail 8.11.6) does not crash RedHat 7.3 > (p) - (patched Sendmail 8.11.6) does not crash RedHat > 7.0 - (self compiled Sendmail 8.11.6) crashes RedHat > 7.2 - (self compiled Sendmail 8.11.6) crashes RedHat > 7.3 - (self compiled Sendmail 8.11.6) crashes > Slackware 8.0 (p) - (patched Sendmail 8.11.6 binary) crashes > Slackware 8.0 - (self compiled Sendmail 8.12.7) does not > crash RedHat 7.x - (self compiled Sendmail 8.12.7) does not > crash The ones that say 'crashed' were vulnerable. They also go onto say: > IMPACT Due to the nature of the discussed sendmail vulnerability it seems > that it is unexploitable on most of commercially available UNIX systems. It > also doesn't seem to be exploitable on most of the default SMTP > installations of x86 based open-source systems. This leads to the > conclusion that the overall impact of the vulnerability is rather limited > and not so significant as it might be thought. > > Hovever, we cannot exclude that there does not exist another execution > path in the sendmail code, that could lead to the program counter > overwrite. The code they submitted was for Slackware 8.0 The original post to Bugtraq (with code) can be found here: http://www.securityfocus.com/archive/1/313757 Regards Ian -- _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
