CERT Advisory CA-2003-25 Buffer Overflow in Sendmail
Original issue date: September 18, 2003 Last revised: -- Source: CERT/CC
Systems Affected
* Systems running open-source sendmail versions prior to 8.12.10,
including UNIX and Linux systems * Commercial releases of sendmail including Sendmail Switch,
Sendmail Advanced Message Server (SAMS), and Sendmail for NTOverview
A vulnerability in sendmail could allow a remote attacker to execute arbitrary code with the privileges of the sendmail daemon, typically root.
Impact
Depending on platform and operating system architecture, a remote attacker could execute arbitrary code with the privileges of the sendmail daemon. Unless the RunAsUser option is set, Sendmail typically runs as root.
Solution
Upgrade or apply a patch
This vulnerability is resolved in Sendmail 8.12.10. Sendmail has also released a patch that can be applied to Sendmail 8.9.x through 8.12.9. Information about specific vendors is available in Appendix A. and in the Systems Affected section of VU#784980.
Sendmail 8.12.10 is designed to correct malformed messages that are transferred by the server. This should help protect other vulnerable sendmail servers.
Enable the RunAsUser option
While there is no known complete workaround, consider setting the RunAsUser option to reduce the impact of this vulnerability. It is typically considered to be a good security practice to limit the privileges of applications and services whenever possible.
References
* CERT/CC Vulnerability Note VU#784980 -
<http://www.kb.cert.org/vuls/id/784980>
* Michal Zalewski's post to BugTraq -
<http://www.securityfocus.com/archive/1/337839>
* Sendmail 8.12.10 - <http://www.sendmail.org/8.12.10.html>
* Sendmail patch for 8.12.9 -
<http://www.sendmail.org/patches/parse8.359.2.8>
* Sendmail 8.12.10 announcement -
<http://archives.neohapsis.com/archives/sendmail/2003-q3/0002.html
>
* Sendmail Secure Install -
<http://www.sendmail.org/secure-install.html>
_________________________________________________________________
This vulnerability was discovered by Michal Zalewski. Thanks to Claus
Assmann and Eric Allman of Sendmail for their help in preparing this
document.
_________________________________________________________________Feedback can be directed to the author, Art Manion. ______________________________________________________________________
This document is available from: http://www.cert.org/advisories/CA-2003-25.html ______________________________________________________________________
-- Berhenti langganan: [EMAIL PROTECTED] Arsip dan info: http://linux.or.id/milis.php
