
[linux-security] ALERT: remote root exploit in sendmail



Topic
=====
ALERT: remote root exploit in sendmail

Problem Description
===================
There exists a remotely exploitable vulnerability in sendmail.
The following is from the CERT advisory on this vulnerability:

This vulnerability is message-oriented as opposed to connection-oriented.
That means that the vulnerability is triggered by the contents of a
specially-crafted email message rather than by lower-level network traffic.
This is important because an MTA (mail transfer agent) that does not contain
the vulnerability will pass the malicious message along to other MTAs that
may be protected at the network level. In other words, vulnerable sendmail
servers on the interior of a network are still at risk, even if the site's
border MTA uses software other than sendmail. Also, messages capable of
exploiting this vulnerability may pass undetected through many common
packet filters or firewalls.

This vulnerability has been successfully exploited.

A successful attack against an unpatched sendmail system will not leave any
messages in the system log. However, on a patched system, an attempt to
exploit this vulnerability will leave the following log message:

Dropped invalid comments from header address

Although this does not represent conclusive evidence of an attack, it
may be useful as an indicator.

A patched sendmail server will drop invalid headers, thus preventing
downstream servers from receiving them.

It is strongly advised that systems that run a sendmail daemon are
updated immediately.
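
On a patched server the log message quoted above can be searched for and
grouped per message. The script below is an added example, not part of the
original advisory or the CERT text. It assumes the common syslog layout
"Mon DD HH:MM:SS host sendmail[pid]: queueid: text"; the sample log lines,
hosts and queue IDs in it are constructed.

```shell
#!/bin/sh
# Added example: scan sendmail syslog output for the indicator message quoted
# in the advisory. Assumed line layout (depends on local syslog config):
#   Mon DD HH:MM:SS host sendmail[pid]: queueid: text

INDICATOR='Dropped invalid comments from header address'

# Constructed sample log lines (not real traffic); hosts and queue IDs are made up.
sample_log() {
cat <<'EOF'
Mar  4 10:12:01 mx1 sendmail[2211]: h24AC1a02211: from=<a@example.org>, size=1204, nrcpts=1
Mar  4 10:12:01 mx1 sendmail[2211]: h24AC1a02211: Dropped invalid comments from header address
Mar  4 10:15:40 mx1 sendmail[2290]: h24AFeb02290: Dropped invalid comments from header address
Mar  4 10:15:41 mx1 sendmail[2290]: h24AFeb02290: Dropped invalid comments from header address
Mar  4 11:02:13 mx2 sendmail[870]: h24B2Dc00870: to=<b@example.org>, stat=Sent
Mar  4 11:30:55 mx2 sendmail[912]: h24BUtd00912: Dropped invalid comments from header address
Mar  4 11:31:02 mx2 imapd[99]: Dropped invalid comments from header address
EOF
}

# Print "host queueid first-seen-timestamp hits" for each message that
# triggered the indicator. Only lines logged by sendmail are considered;
# repeated hits for one queue ID collapse into one row with a hit count.
dropped_comment_hits() {
    awk -v pat="$INDICATOR" '
        $5 ~ /^sendmail\[/ && index($0, pat) {
            qid = $6; sub(/:$/, "", qid)
            key = $4 " " qid
            if (!(key in first)) { first[key] = $1 " " $2 " " $3; order[++n] = key }
            hits[key]++
        }
        END { for (i = 1; i <= n; i++) print order[i], first[order[i]], hits[order[i]] }
    ' "$@"
}

# Per-host count of distinct flagged messages, for a quick triage view.
dropped_comment_hosts() {
    dropped_comment_hits "$@" | awk '{ c[$1]++ } END { for (h in c) print h, c[h] }' | sort
}

# With file arguments, scan those logs; with none, run on the constructed sample.
if [ "$#" -gt 0 ]; then
    dropped_comment_hits "$@"
else
    sample_log | dropped_comment_hits
fi
```

As the advisory notes, a hit is an indicator only, and an unpatched server
logs nothing, so an empty result on such a system says nothing either way.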

Affected Systems
================
Systems that run a sendmail daemon with versions earlier than 8.12.8

Solution
========
Upgrade to sendmail version 8.12.8 (or the patched version for your distribution)

RedHat 6.x
----------
rpm -Fvh sendmail-8.11.6-1.62.2.i386.rpm \
         sendmail-cf-8.11.6-1.62.2.i386.rpm \
         sendmail-doc-8.11.6-1.62.2.i386.rpm

RedHat 7.0
----------
rpm -Fvh sendmail-8.11.6-23.70.i386.rpm \
         sendmail-cf-8.11.6-23.70.i386.rpm \
         sendmail-devel-8.11.6-23.70.i386.rpm \
         sendmail-doc-8.11.6-23.70.i386.rpm

RedHat 7.1
----------
rpm -Fvh sendmail-8.11.6-23.71.i386.rpm \
         sendmail-cf-8.11.6-23.71.i386.rpm \
         sendmail-devel-8.11.6-23.71.i386.rpm \
         sendmail-doc-8.11.6-23.71.i386.rpm

RedHat 7.2
----------
rpm -Fvh sendmail-8.11.6-23.72.i386.rpm \
         sendmail-cf-8.11.6-23.72.i386.rpm \
         sendmail-devel-8.11.6-23.72.i386.rpm \
         sendmail-doc-8.11.6-23.72.i386.rpm

RedHat 7.3
----------
rpm -Fvh sendmail-8.11.6-23.73.i386.rpm \
         sendmail-cf-8.11.6-23.73.i386.rpm \
         sendmail-devel-8.11.6-23.73.i386.rpm \
         sendmail-doc-8.11.6-23.73.i386.rpm

RedHat 8.0
----------
rpm -Fvh sendmail-8.12.8-1.80.i386.rpm \
         sendmail-cf-8.12.8-1.80.i386.rpm \
         sendmail-devel-8.12.8-1.80.i386.rpm \
         sendmail-doc-8.12.8-1.80.i386.rpm

Mandrake 7.2
------------
rpm -Fvh sendmail-8.11.0-4.2mdk.i586.rpm \
         sendmail-cf-8.11.0-4.2mdk.i586.rpm \
         sendmail-doc-8.11.0-4.2mdk.i586.rpm

Mandrake 8.0, 8.1
-----------------
rpm -Fvh sendmail-8.11.6-4.4mdk.i586.rpm \
         sendmail-cf-8.11.6-4.4mdk.i586.rpm \
         sendmail-doc-8.11.6-4.4mdk.i586.rpm

Mandrake 8.2
------------
rpm -Fvh sendmail-8.12.1-4.2mdk.i586.rpm \
         sendmail-cf-8.12.1-4.2mdk.i586.rpm \
         sendmail-devel-8.12.1-4.2mdk.i586.rpm \
         sendmail-doc-8.12.1-4.2mdk.i586.rpm

Mandrake 9.0
------------
rpm -Fvh sendmail-8.12.6-3.2mdk.i586.rpm \
         sendmail-cf-8.12.6-3.2mdk.i586.rpm \
         sendmail-devel-8.12.6-3.2mdk.i586.rpm \
         sendmail-doc-8.12.6-3.2mdk.i586.rpm