Re: [linux-security] ALERT: remote exploit in sendmail (SuSE)

[Martin Siegert <siegert@sfu.ca>]

On Thu, Sep 18, 2003 at 04:32:56PM -0700, Martin Siegert wrote:
> Topic
> =====
> buffer overflow in sendmail permits remote exploit
> 
> Problem Description
> ===================
> A bug was found in the prescan() function of unpatched Sendmail
> versions prior to 8.12.10. The sucessful exploitation of this bug can lead
> to heap and stack structure overflows.  Although no exploit currently
> exists, this issue is locally exploitable and may also be remotely
> exploitable.
> 
> Additionally there exists a potential buffer overflow in ruleset parsing.
> This problem is not exploitable in the default sendmail configuration;
> it is exploitable only if non-standard rulesets recipient (2), final (4),
> or mailer-specific envelope recipients rulesets are used.
> 
> Affected Versions
> =================
> sendmail versions prior to 8.12.10
> 
> Solution
> ========
> Upgrade to version 8.12.10 or patch version for your distribution

SuSE
----
After performing the update, it is necessary to restart all running
instances of sendmail using the command "rcsendmail restart" as root.

SuSE-7.2
--------
rpm -Fvh sendmail-8.11.3-112.i386.rpm \
         sendmail-tls-8.11.3-116.i386.rpm

SuSE-7.3
--------
rpm -Fvh sendmail-8.11.6-167.i386.rpm \
         sendmail-tls-8.11.6-169.i386.rpm

SuSE-8.0
--------
rpm -Fvh sendmail-8.12.3-78.i386.rpm \
         sendmail-devel-8.12.3-78.i386.rpm
 
SuSE-8.1
--------
rpm -Fvh sendmail-8.12.6-159.i586.rpm \
         sendmail-devel-8.12.6-159.i586.rpm

SuSE-8.2
--------
rpm -Fvh sendmail-8.12.7-77.i586.rpm \
         sendmail-devel-8.12.7-77.i586.rpm