[TriLUG] Critical sendmail vulnerability

JoJo Almario jalmario at intrah.org
Mon Mar 3 17:23:24 EST 2003 

As part of the Redhat Network up2date subscription, I get these 
e-mails.  RHN Updates have really allowed me to keep on top off all 
security vulnerabilities...might wanna check it out. www.redhat.com.

Nonetheless, Jeremy gets extreme cool points for posting the " heads up" 
on the list.




Reginald Reed wrote:

>I really appreciate email like this!  I've patched and restarted
>sendmail on one of the co-located servers I manage part-time.  As
>everyone knows, security really doesn't happen "part-time," so notes
>like this help me be more effective.
>
>Thanks again.
>
>>-----Original Message-----
>>From: trilug-admin at trilug.org 
>>[mailto:trilug-admin at trilug.org] On Behalf Of Jeremy Portzer
>>Sent: Monday, March 03, 2003 1:11 PM
>>To: TriLUG List
>>Subject: [TriLUG] Critical sendmail vulnerability
>>
>>
>>Sendmail has *yet* another remote-root vulnerability discovered
>>recently.   For details see
>>
>http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950
>
>An excerpt from that advisory reads, "This vulnerability
>is especially dangerous because the exploit can be delivered within an
>email message and the attacker doesn't need any specific knowledge of
>the target to launch a successful attack."
>
>Red Hat has released errata packages here:
>https://rhn.redhat.com/errata/RHSA-2003-073.html
>
>Mandrake doesn't appear to have packages yet but I presume they and
>other vendors will create some soon.
>
>I'm working on syncing the TriLUG servers so the Red Hat updates should
>be available soon there, for those of you using apt or current on the
>TriLUG mirrors.
>
>--Jeremy Portzer
>
>
>_______________________________________________
>TriLUG mailing list
>    http://www.trilug.org/mailman/listinfo/trilug
>TriLUG Organizational FAQ:
>    http://www.trilug.org/~lovelace/faq/TriLUG-faq.html
>
>_______________________________________________
>TriLUG mailing list
>    http://www.trilug.org/mailman/listinfo/trilug
>TriLUG Organizational FAQ:
>    http://www.trilug.org/~lovelace/faq/TriLUG-faq.html
>

-- 

JoJo Almario
Network Administrator
Intrah /UNC School of Medicine
Office - 919-843-5145
Fax    - 919-966-6816
jalmario at intrah.org


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.trilug.org/pipermail/trilug/attachments/20030303/340cfe29/attachment.html>

More information about the TriLUG mailing list