Big Brother Awards
quintessenz search  /  subscribe  /  upload  /  contact  
/q/depesche *
/kampaigns
/topiqs
/doquments
/contaqt
/about
/handheld
/subscribe
Linuxwochen Österreich Tour
RSS-Feed Depeschen RSS
Hosted by AKIS
<<   ^   >>
Date: 2003-03-03

Security: Sendmail

"Neue" Sicherheitslücke in Sendmail gefunden. Das Programm, dass seit den 80er Jahren für die Zustellung eines Grossteils (geschätzt 50-75%) der Internet E-Mail zuständig ist, hat bereits eine lange Geschichte an Sicherheitsproblemen. Alle Sendmail Versionen seit 5.79 anfällig (~10-12 Jahre): Grosses Wurmpotential.
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-.

Patches: http://www.sendmail.org/patchcr.html

Advisory:
https://gtoc.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950

[...]
ISS X-Force has discovered a buffer overflow vulnerability in the Sendmail Mail Transfer Agent (MTA). Sendmail is the most common MTA and has been documented to handle between 50% and 75% of all Internet email traffic.
[...]
Attackers may remotely exploit this vulnerability to gain "root" or superuser control of any vulnerable Sendmail server. Sendmail and all other email servers are typically exposed to the Internet in order to send and receive Internet email. Vulnerable Sendmail servers will not be protected by legacy security devices such as firewalls and/or packet filters. This vulnerability is especially dangerous because the exploit can be delivered within an email
message and the attacker doesn't need any specific knowledge of the target to launch a successful attack.
[...]

- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-.
edited by typo
published on: 2003-03-03
comments to office@quintessenz.at
subscribe Newsletter
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-.
<<   ^   >>
Druck mich
Linuxwochen Austria

meet q/uintessenz every friday

BigBrotherAwards





25. Oktober 2017
freier Eintritt
#BBA17
Big Brother Awards Austria
 related topiqs
 
 /q/depeschen
 


 CURRENTLY RUNNING
bits4free 18. Jan. 2012: Ihre Meinung zählt
Liquid Democracy - direkte Demokratie durch Online-Partizipation?
 
 !WATCH OUT!
q/Talk, Di 29. Nov: Es gilt die unSchuldsvermutung!
Bürger unter Generalverdacht und stundenlange Einvernahme von Chattern