leo's running sendmail - can we check this one out? James A. T. Rice wrote: > sendmail again *spit*. sigh. > > ---------- Forwarded message ---------- > Date: Mon, 03 Mar 2003 10:49:33 -0700 > From: Todd C. Miller <Todd.Miller at courtesan.com> > To: security-announce at openbsd.org > Subject: remote buffer overflow in sendmail > > A buffer overflow has been found in sendmail's envelope comment > processing code which may allow an attacker to gain root privileges. > The bug was discovered by Mark Dowd of ISS X-Force. > > For more information, see: > http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950 > http://www.sendmail.org/8.12.8.html > > As shipped, OpenBSD runs a sendmail that binds only to localhost, > making this a localhost-only hole in the default configuration. > However, any sendmail configuration that accepts incoming mail may > potentially be exploited. > > The sendmail in OpenBSD-current has been updated to version 8.12.8. > The 3.1 and 3.2 -stable branches have had a patch applied that fixes > the buffer overflow. However, because the -stable branches have > the specific vulnerability patched (as opposed to the full 8.12.8 > distribution), sendmail on -stable will report the old sendmail version. > > Patch for OpenBSD 3.1: > ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/022_sendmail.patch > > Patch for OpenBSD 3.2: > ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/009_sendmail.patch > > Patches for older versions of sendmail may be found at > ftp://ftp.sendmail.org/pub/sendmail/ -- _ __/| ___ ___ __ _________ "When Microsoft Office is your only hammer, \`O_o' / _ \/ -_) // / __/ _ \ pretty much everything begins to look like =(_ _)=/_//_/\__/\_,_/_/ \___/ a nail. Or a thumb." -- Rob Pegoraro U - Ack! Phttpt! Thhbbt! neuro at well dot com http://neuro.me.uk/