Just a small correction:
On Tue, 4 Mar 2003, James Melin wrote:
[ quoting the advisory ]
>
> On February 14th a TruSecure Radar posting indicated that we were
> aware of a potential vulnerability in Sendmail. Today, a coordinated
> announcement was made regarding a Sendmail header buffer overflow
> vulnerability. It is expected that code exploiting this
> vulnerability is already in circulation and attacks will be likely in
> the near future.
>
> Most installations of Unix include Sendmail by default and are
> therefore probably vulnerable.
* SuSE uses postfix by default (right?)
* Debian uses exim by default
* RedHat: RH7.2 uses sendmail by default. But RH7.3 and above (and the
Advanced server as well?) use postfix by default
Note that all three distros have a sendmail package.
>
> This may impact an organization's infrastructure because many
> firewalls and content filtering products contain Sendmail.
Wow! Show me such a firewall! It should be exterminated!
>
> It is recommended that customers who are using a firewall that
> proxies mail, using Sendmail, implement packet filtering rules to
> redirect mail through patched or non-Sendmail systems while
> propagating fixes from their vendors.
Non-Sendmail systems are probably the better option. qmail has a very
"clean" security history. Postfix and Exim also have a rather "clean"
track record (and postfix shares most of the paranoid design decisions of
qmail).
Meanwhile not a year goes by without a new hole in sendmail...
(I personally use postfix)
--
Tzafrir Cohen
mailto:[EMAIL PROTECTED]
http://www.technion.ac.il/~tzafrir