[TriLUG] Critical sendmail vulnerability
Jeremy Portzer
jeremyp at pobox.com
Mon Mar 3 13:10:32 EST 2003
Sendmail has *yet* another remote-root vulnerability discovered
recently. For details see
http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950
An excerpt from that advisory reads, "This vulnerability
is especially dangerous because the exploit can be delivered within an
email message and the attacker doesn't need any specific knowledge of
the target to launch a successful attack."
Red Hat has released errata packages here:
https://rhn.redhat.com/errata/RHSA-2003-073.html
Mandrake doesn't appear to have packages yet but I presume they and
other vendors will create some soon.
I'm working on syncing the TriLUG servers so the Red Hat updates should
be available soon there, for those of you using apt or current on the
TriLUG mirrors.
--Jeremy Portzer
More information about the TriLUG
mailing list