lug-bg: ���: Re: Re[2]: lug-bg: sendmail <8.12.8 vulnerable

[todor.lazarov@email.domain.hidden (Todor.lazarov [SysAdmin])]

Àáå çà ïî-ñèãîðíî, ùå ñå upgretna äî 8.12.8
Ñàìî åäèí âúïðîñ ???

Äî ñåãà sendmail ñúì ãî èíñòàëèðàë è êîíôèãóðèðàë ïî
òîâà ðúêîâîäñòâî: http://www.lcpe.uni-sofia.bg/linuxdoc/sendmail/install.txt

Áëàãîäàðÿ íà Âåñåëèí çà òîâà.

Íî ïðè update íóæíî ëè å âñè÷êî äà ñå èçïúëíÿâà
ãîâîðÿ çà ò.1 äî ò.13 îò Ñàìàòà èíñòàëàöèÿ.

--------- Îðèãèíàëíî ñúîáùåíèå --------
Îò: lug-bg_at_linux-bulgaria.org
Äî: lug-bg_at_linux-bulgaria.org <lug-bg_at_linux-bulgaria.org>
Òåìà: Re: Re[2]: lug-bg: sendmail <8.12.8 vulnerable
Äàòà: 04/03/03 10:25

<em class="quotelev1">>
<em class="quotelev1">> -----BEGIN PGP SIGNED MESSAGE-----
<em class="quotelev1">> Hash: SHA1
<em class="quotelev1">>
<em class="quotelev1">> On Tuesday 04 Mar 2003 12:17, Todor Lazarov wrote:
<em class="quotelev1">> &gt;
<em class="quotelev1">> &gt; Ñåðèîçåí ëè å ïðîáëåìà ???
<em class="quotelev1">>
<em class="quotelev1">> Eto opisanieto na problema, pri tova e napisano mnogo po-razbrano
<em class="quotelev1">> ot kolkoto CERT sa go napravili. Niakoi hora v CERT (osobeno redaktorite)
<em class="quotelev1">> sa tzare na neiasnata misal:)
<em class="quotelev1">>
<em class="quotelev1">>
<em class="quotelev1">> - --&gt;
<em class="quotelev1">>
<em class="quotelev1">> Security Advisory - RHSA-2003:073-06
<em class="quotelev1">> -
------------------------------------------------------------------------------
<em class="quotelev1">> Summary:
<em class="quotelev1">> Updated sendmail packages fix critical security issues
<em class="quotelev1">>
<em class="quotelev1">> Updated Sendmail packages are available to fix a vulnerability that
<em class="quotelev1">> may allow remote attackers to gain root privileges by sending a
<em class="quotelev1">> carefully crafted message.
<em class="quotelev1">>
<em class="quotelev1">> These packages also fix a security bug if sendmail is configured to use
smrsh.
<em class="quotelev1">>
<em class="quotelev1">> Description:
<em class="quotelev1">> Sendmail is a widely used Mail Transport Agent (MTA) which is included
<em class="quotelev1">> in all Red Hat Linux distributions.
<em class="quotelev1">>
<em class="quotelev1">> During a code audit of Sendmail by ISS, a critical vulnerability was
<em class="quotelev1">> uncovered that affects unpatched versions of Sendmail prior to version
<em class="quotelev1">> 8.12.8.  A remote attacker can send a carefully crafted email message
<em class="quotelev1">> which, when processed by sendmail, causes arbitrary code to be
<em class="quotelev1">> executed as root.
<em class="quotelev1">>
<em class="quotelev1">> We are advised that a proof-of-concept exploit is known to exist, but
<em class="quotelev1">> is not believed to be in the wild.
<em class="quotelev1">>
<em class="quotelev1">> Since this is a message-based vulnerability, MTAs other than Sendmail
<em class="quotelev1">> may pass on the carefully crafted message.  This means that unpatched
<em class="quotelev1">> versions of Sendmail inside a network could still be at risk even if
<em class="quotelev1">> they do not accept external connections directly.
<em class="quotelev1">>
<em class="quotelev1">> In addition, the restricted shell (SMRSH) in Sendmail  allows attackers to
<em class="quotelev1">> bypass the intended restrictions of smrsh by inserting additional commands
<em class="quotelev1">> after "||" sequences or "/" characters, which are not
properly filtered or
<em class="quotelev1">> verified.  A sucessful attack would allow an attacker who has a local
<em class="quotelev1">> account on a system which has explicitly enabled smrsh to execute
arbitrary
<em class="quotelev1">> binaries as themselves by utilizing their .forward file.
<em class="quotelev1">>
<em class="quotelev1">> All users are advised to update to these erratum packages.  For Red Hat
<em class="quotelev1">> Linux 8.0 we have included Sendmail version 8.12.8 which is not vulnerable
<em class="quotelev1">> to these issues.  For all other distributions we have included a
backported
<em class="quotelev1">> patch which corrects these vulnerabilities.
<em class="quotelev1">>
<em class="quotelev1">> Red Hat would like to thank Eric Allman for his assistance with this
<em class="quotelev1">> vulnerability.
<em class="quotelev1">>
<em class="quotelev1">> References:
<em class="quotelev1">> http://www.cert.org/advisories/CA-2003-07.html
<em class="quotelev1">> http://marc.theaimsgroup.com/?l=bugtraq&amp;m=103350914307274
<em class="quotelev1">> -
------------------------------------------------------------------------------
<em class="quotelev1">>
<em class="quotelev1">> - -------------
<em class="quotelev1">> Taking Action
<em class="quotelev1">> - -------------
<em class="quotelev1">> You may address the issues outlined in this advisory in two ways:
<em class="quotelev1">>
<em class="quotelev1">>      - select your server name by clicking on its name from the list
<em class="quotelev1">>        available at the following location, and then schedule an
<em class="quotelev1">>        errata update for it:
<em class="quotelev1">>            https://rhn.redhat.com/network/systemlist/system_list.pxt
<em class="quotelev1">>
<em class="quotelev1">>      - run the Update Agent on each affected server.
<em class="quotelev1">>
<em class="quotelev1">>
<em class="quotelev1">> - ---------------------------------
<em class="quotelev1">> Changing Notification Preferences
<em class="quotelev1">> - ---------------------------------
<em class="quotelev1">> To enable/disable your Errata Alert preferences globally please log in to
RHN
<em class="quotelev1">> and navigate from "Your RHN" / "Your Account" to the
"Preferences" tab.
<em class="quotelev1">>
<em class="quotelev1">>         URL: https://rhn.redhat.com/network/my_account/my_prefs.pxt
<em class="quotelev1">>
<em class="quotelev1">> You can also enable/disable notification on a per system basis by
selecting an
<em class="quotelev1">> individual system from the "Systems List". From the individual
system view
<em class="quotelev1">> click the "Details" tab.
<em class="quotelev1">>
<em class="quotelev1">>
<em class="quotelev1">> - ----------------
<em class="quotelev1">> Affected Systems
<em class="quotelev1">> - ----------------
<em class="quotelev1">> According to our records, this errata may apply to one or more of the
<em class="quotelev1">> systems that you've profiled with Red Hat Network.  To see precisely which
<em class="quotelev1">> systems are affected, please go to:
<em class="quotelev1">>     https://rhn.redhat.com/network/errata/systems_affected.pxt?eid=1504
<em class="quotelev1">>
<em class="quotelev1">>
<em class="quotelev1">>
<em class="quotelev1">> The Red Hat Network Team
<em class="quotelev1">>
<em class="quotelev1">> This message is being sent by Red Hat Network Alert to:
<em class="quotelev1">>     RHN user login:        vlk_at_lcpe
<em class="quotelev1">>     Email address on file: &lt;vlk_at_lcpe.uni-sofia.bg&gt;
<em class="quotelev1">>
<em class="quotelev1">> If you lost your RHN password, you can use the information above to
<em class="quotelev1">> retrieve it by email from the following address:
<em class="quotelev1">>     https://rhn.redhat.com/forgot_password.pxt
<em class="quotelev1">>
<em class="quotelev1">> To cancel these notices, go to:
<em class="quotelev1">>     https://rhn.redhat.com/oo.pxt?uid=1793678&amp;oid=2352664
<em class="quotelev1">>
<em class="quotelev1">> - --&gt;
<em class="quotelev1">>
<em class="quotelev1">>    Pozdravi
<em class="quotelev1">>      Vesselin Kolev
<em class="quotelev1">> -----BEGIN PGP SIGNATURE-----
<em class="quotelev1">> Version: GnuPG v1.2.1 (GNU/Linux)
<em class="quotelev1">>
<em class="quotelev1">> iD8DBQE+ZHVh+48lZPXaa+MRAoOEAKDu02pwcCSH8oHuAA/sy84ai3JaIQCfZf2a
<em class="quotelev1">> s5lGGjxbjHlNvCrgEmAXrJk=
<em class="quotelev1">> =Yn1d
<em class="quotelev1">> -----END PGP SIGNATURE-----
<em class="quotelev1">>
<em class="quotelev1">>
============================================================================
<em class="quotelev1">> A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
<em class="quotelev1">> http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara
Zagora
<em class="quotelev1">> To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
<em class="quotelev1">>
============================================================================

<p>________________________________________________
Message sent using UebiMiau 2.7.2

<p>
-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================