Linux-Bulgaria.ORG

Re: lug-bg: : Re: Re[2]: lug-bg: sendmail <8.12.8 vulnerable


  • Subject: Re: lug-bg: : Re: Re[2]: lug-bg: sendmail <8.12.8 vulnerable
  • From: teodor@email.domain.hidden (Teodor Georgiev)
  • Date: Tue, 4 Mar 2003 14:12:54 +0200


No. Just prepare these things:

 * the m4 config files from devtools/Site

 * the sendmail.mc file (the m4 version of sendmail.cf)

 Put the files in the directory of the unpacked Sendmail, then go to the
sendmail/ directory and type "sh Build".

 Copy the sendmail.mc file into the cf/cf/ directory.

Then run "sh Build sendmail.cf" and "sh Build install-cf".

Go back to the sendmail/ directory: "sh Build install".

That's it. Start the new sendmail, and afterwards you can freely build the tools
(such as makemap and others) to upgrade them if they have
changed.

Of course, you can always install from a package: rpm, tgz, deb.

For Slackware: www.linuxpackages.net already has Sendmail as a tgz.

----- Original Message -----
From: "Todor.lazarov [SysAdmin]" <todor.lazarov_at_chepelare-bg.net>
To: <lug-bg_at_linux-bulgaria.org>
Sent: Tuesday, March 04, 2003 3:23 PM
Subject: lug-bg: Отг: Re: Re[2]: lug-bg: sendmail <8.12.8 vulnerable

> Well, to be on the safe side, I'll upgrade to 8.12.8.
> Just one question ???
>
> Until now I have installed and configured sendmail following
> this guide:
> http://www.lcpe.uni-sofia.bg/linuxdoc/sendmail/install.txt
>
> Thanks to Vesselin for that.
>
> But for an update, is it necessary to carry out everything?
> I mean points 1 to 13 of the installation itself.
>
> --------- Original message --------
> From: lug-bg_at_linux-bulgaria.org
> To: lug-bg_at_linux-bulgaria.org <lug-bg_at_linux-bulgaria.org>
> Subject: Re: Re[2]: lug-bg: sendmail <8.12.8 vulnerable
> Date: 04/03/03 10:25
>
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > On Tuesday 04 Mar 2003 12:17, Todor Lazarov wrote:
> > >
> > > Is the problem serious ???
> >
> > Here is the description of the problem; moreover, it is written much more
> > clearly than CERT managed to. Some people at CERT (especially the editors)
> > are masters of the unclear thought :)
> >
> >
> > - -->
> >
> > Security Advisory - RHSA-2003:073-06
> > - ------------------------------------------------------------------------------
> > Summary:
> > Updated sendmail packages fix critical security issues
> >
> > Updated Sendmail packages are available to fix a vulnerability that
> > may allow remote attackers to gain root privileges by sending a
> > carefully crafted message.
> >
> > These packages also fix a security bug if sendmail is configured to use
> > smrsh.
> >
> > Description:
> > Sendmail is a widely used Mail Transport Agent (MTA) which is included
> > in all Red Hat Linux distributions.
> >
> > During a code audit of Sendmail by ISS, a critical vulnerability was
> > uncovered that affects unpatched versions of Sendmail prior to version
> > 8.12.8.  A remote attacker can send a carefully crafted email message
> > which, when processed by sendmail, causes arbitrary code to be
> > executed as root.
> >
> > We are advised that a proof-of-concept exploit is known to exist, but
> > is not believed to be in the wild.
> >
> > Since this is a message-based vulnerability, MTAs other than Sendmail
> > may pass on the carefully crafted message.  This means that unpatched
> > versions of Sendmail inside a network could still be at risk even if
> > they do not accept external connections directly.
> >
> > In addition, the restricted shell (SMRSH) in Sendmail allows attackers to
> > bypass the intended restrictions of smrsh by inserting additional commands
> > after "||" sequences or "/" characters, which are not properly filtered or
> > verified.  A successful attack would allow an attacker who has a local
> > account on a system which has explicitly enabled smrsh to execute arbitrary
> > binaries as themselves by utilizing their .forward file.
> >
> > All users are advised to update to these erratum packages.  For Red Hat
> > Linux 8.0 we have included Sendmail version 8.12.8 which is not vulnerable
> > to these issues.  For all other distributions we have included a backported
> > patch which corrects these vulnerabilities.
> >
> > Red Hat would like to thank Eric Allman for his assistance with this
> > vulnerability.
> >
> > References:
> > http://www.cert.org/advisories/CA-2003-07.html
> > http://marc.theaimsgroup.com/?l=bugtraq&m=103350914307274
> > - ------------------------------------------------------------------------------
> >
> > - -------------
> > Taking Action
> > - -------------
> > You may address the issues outlined in this advisory in two ways:
> >
> >      - select your server name by clicking on its name from the list
> >        available at the following location, and then schedule an
> >        errata update for it:
> >            https://rhn.redhat.com/network/systemlist/system_list.pxt
> >
> >      - run the Update Agent on each affected server.
> >
> >
> > - ---------------------------------
> > Changing Notification Preferences
> > - ---------------------------------
> > To enable/disable your Errata Alert preferences globally please log in to RHN
> > and navigate from "Your RHN" / "Your Account" to the "Preferences" tab.
> >
> >         URL: https://rhn.redhat.com/network/my_account/my_prefs.pxt
> >
> > You can also enable/disable notification on a per system basis by selecting an
> > individual system from the "Systems List". From the individual system view
> > click the "Details" tab.
> >
> >
> > - ----------------
> > Affected Systems
> > - ----------------
> > According to our records, this errata may apply to one or more of the
> > systems that you've profiled with Red Hat Network.  To see precisely which
> > systems are affected, please go to:
> >     https://rhn.redhat.com/network/errata/systems_affected.pxt?eid=1504
> >
> >
> >
> > The Red Hat Network Team
> >
> > This message is being sent by Red Hat Network Alert to:
> >     RHN user login:        vlk_at_lcpe
> >     Email address on file: <vlk_at_lcpe.uni-sofia.bg>
> >
> > If you lost your RHN password, you can use the information above to
> > retrieve it by email from the following address:
> >     https://rhn.redhat.com/forgot_password.pxt
> >
> > To cancel these notices, go to:
> >     https://rhn.redhat.com/oo.pxt?uid=1793678&oid=2352664
> >
> > - -->
> >
> >    Regards
> >      Vesselin Kolev
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.2.1 (GNU/Linux)
> >
> > iD8DBQE+ZHVh+48lZPXaa+MRAoOEAKDu02pwcCSH8oHuAA/sy84ai3JaIQCfZf2a
> > s5lGGjxbjHlNvCrgEmAXrJk=
> > =Yn1d
> > -----END PGP SIGNATURE-----
> >
> >
> > ============================================================================
> > A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
> > http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
> > To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
> > ============================================================================
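
An added example, not part of the thread and not Sendmail project code: a check for the "prior to version 8.12.8" condition in the quoted advisory, usable before and after the source rebuild described in the reply. The function names and sample banners are constructed here; because the advisory says other distributions received a backported patch, an "older" result for a vendor package still has to be checked against the package errata.

```sh
#!/bin/sh
# Added example, not from the thread. 8.12.8 is the first release the
# quoted advisory names as not vulnerable.
FIXED_VERSION="8.12.8"
# Pull the version out of text such as "Version 8.12.6" (first line of
# `sendmail -d0.1 -bv root`) or an SMTP greeting "... Sendmail 8.12.6/8.12.6;".
extract_version() {
    printf '%s\n' "$1" | awk '{
        for (i = 1; i < NF; i++)
            if ($i == "Version" || $i == "Sendmail") {
                v = $(i + 1)
                sub(/[^0-9.].*$/, "", v)      # drop "/8.12.6;" style suffix
                if (v ~ /^[0-9]+(\.[0-9]+)+$/) { print v; exit }
            }
    }'
}

# Return 0 when dotted version $1 is numerically lower than $2
# (8.9.3 < 8.12.8, which a plain string comparison gets wrong).
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            p = (i <= na) ? x[i] + 0 : 0
            q = (i <= nb) ? y[i] + 0 : 0
            if (p < q) exit 0
            if (p > q) exit 1
        }
        exit 1
    }'
}

# 0 = at or above the fixed release, 1 = older, 2 = no version found.
check_sendmail() {
    ver=$(extract_version "$1")
    [ -n "$ver" ] || { echo "unknown: no Sendmail version found"; return 2; }
    if version_lt "$ver" "$FIXED_VERSION"; then
        echo "$ver: older than $FIXED_VERSION, rebuild or confirm a backported patch"
        return 1
    fi
    echo "$ver: at or above $FIXED_VERSION"
}

# Constructed sample inputs (not captured from a real host).
for banner in "Version 8.12.6" "Version 8.12.8" \
    "220 mail.example.test ESMTP Sendmail 8.9.3/8.9.3; Tue, 4 Mar 2003"; do
    check_sendmail "$banner" || true
done
```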




 


Mailing list messages are © Copyright their authors.